From 9bfa366a8f23124c6b2baf91deb662db62a0cdb2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= Date: Tue, 10 Dec 2024 14:36:25 +0100 Subject: [PATCH] po: update pot files --- po/bg.po | 699 +++++----- po/ca.po | 709 +++++----- po/cs.po | 728 ++++++----- po/de.po | 704 +++++----- po/es.po | 723 +++++----- po/eu.po | 698 +++++----- po/fi.po | 707 +++++----- po/fr.po | 726 ++++++----- po/hu.po | 699 +++++----- po/id.po | 699 +++++----- po/it.po | 701 +++++----- po/ja.po | 724 +++++----- po/ka.po | 704 +++++----- po/ko.po | 726 ++++++----- po/nb.po | 698 +++++----- po/nl.po | 703 +++++----- po/pl.po | 727 ++++++----- po/pt.po | 701 +++++----- po/pt_BR.po | 698 +++++----- po/ru.po | 727 ++++++----- po/sssd.pot | 698 +++++----- po/sv.po | 726 ++++++----- po/tg.po | 698 +++++----- po/tr.po | 721 +++++----- po/uk.po | 727 ++++++----- po/zh_CN.po | 724 +++++----- po/zh_TW.po | 699 +++++----- src/man/po/br.po | 2637 +++++++++++++++++++------------------ src/man/po/ca.po | 2645 +++++++++++++++++++------------------ src/man/po/cs.po | 2641 +++++++++++++++++++------------------ src/man/po/de.po | 2656 +++++++++++++++++++------------------ src/man/po/es.po | 2670 +++++++++++++++++++------------------ src/man/po/eu.po | 2635 +++++++++++++++++++------------------ src/man/po/fi.po | 2639 +++++++++++++++++++------------------ src/man/po/fr.po | 2664 +++++++++++++++++++------------------ src/man/po/ja.po | 2645 +++++++++++++++++++------------------ src/man/po/lv.po | 2635 +++++++++++++++++++------------------ src/man/po/nl.po | 2637 +++++++++++++++++++------------------ src/man/po/pt.po | 2641 +++++++++++++++++++------------------ src/man/po/pt_BR.po | 2635 +++++++++++++++++++------------------ src/man/po/ru.po | 2685 +++++++++++++++++++------------------ src/man/po/sssd-docs.pot | 2637 +++++++++++++++++++------------------ src/man/po/sv.po | 2685 +++++++++++++++++++------------------ src/man/po/tg.po | 2635 +++++++++++++++++++------------------ src/man/po/uk.po | 2686 ++++++++++++++++++++------------------ src/man/po/zh_CN.po | 2635 +++++++++++++++++++------------------ 46 files changed, 36110 insertions(+), 33427 deletions(-) diff --git a/po/bg.po b/po/bg.po index 41c7c76fa91..2e3e1e3ac0d 100644 --- a/po/bg.po +++ b/po/bg.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2014-12-14 11:44-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Bulgarian (http://www.transifex.com/projects/p/sssd/language/" @@ -591,1266 +591,1285 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "Интерфейсът, чийто IP да се ползва за динамични DNS обновявания" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +#, fuzzy +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "Изисква TLS проверка на сертификат" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "IPA домейн" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "Адрес на IPA сървър" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "Име на хост на IPA клиент" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Дали автоматично да се обновява клиентския DNS запис във FreeIPA" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "LDAP филтър за определяне права на достъп" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Адрес на Kerberos сървър" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "Kerberos област" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "Директория за съхранение на кеша за данни за удостоверяване" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "Местоположение на кеша за данни за удостоверяване на потребители" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "Местоположение на keytab за валидиране на данните за удостоверяване" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "Разреши проверката на данните за удостоверяване" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "Записва паролата ако е офлайн за по-късно удостоверяване" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "Сървърът, на който работи услугата за смяна на парола ако не е на KDC" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI на LDAP сървъра" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "Базовият DN по подразбиране" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Използваният тип схема на LDAP сървъра, rfc2307" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "Подразбиращият се bind DN" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "Продължителност на опитите за свързване" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Продължителност на опитите за синхронни LDAP операции" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "Продължителност на времето между опитите за връзка докато е офлайн" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "Файл, съдържащ CA сертификати" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "Път до директорията на CA сертификат" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "Изисква TLS проверка на сертификат" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "Задава за използване механизма sasl" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "Задаване на sasl authorization id за употреба" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "keytab на Kerberos услуга" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "Ползвай Kerberos auth за LDAP връзка" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "Следвай LDAP референциите" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "Продължителност на живот на TGT за LDAP връзка" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "Продължителност на време за изчакване на заявка за търсене" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "Продължителност на време между актуализации на изброяване" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 #, fuzzy msgid "Maximum period deviation between enumeration updates" msgstr "Продължителност на време между актуализации на изброяване" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "Изисква TLS за ИД справките" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "атрибут Потребителско име" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "атрибут UID" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "атрибут Първичен GID" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "атрибут GECOS" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "атрибут Домашна директория" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "атрибут Команден интерпретатор" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "атрибут User principal (за Kerberos)" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Пълно име" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "атрибут членНа" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "атрибут Момент на промяна" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "Политика за определяне срок на валидност на парола" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "Списък разрешени потребители, разделени със запетая" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "Списък забранени потребители, разделени със запетая" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1904,76 +1923,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2138,7 +2153,7 @@ msgstr "" msgid "Current Password: " msgstr "Текуща парола:" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "Паролата Ви е остаряла. Сменете я сега." @@ -2803,24 +2818,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3313,11 +3332,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "Задаване на друг (не подразбиращия се) конфиг файл" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/ca.po b/po/ca.po index 9c776f6f540..8bd0990779e 100644 --- a/po/ca.po +++ b/po/ca.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2017-10-15 03:02-0400\n" "Last-Translator: Robert Antoni Buj Gelonch \n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -641,135 +641,154 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Si s'actualitza automàticament l'entrada DNS del client" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "El TTL per aplicar a l'entrada DNS del client després d'actualitzar-ho" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "La interfície amb la IP que s'hauria d'utilitzar per a les actualitzacions " "dinàmiques DNS" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "Cada quant s'actualitzarà automàticament l'entrada DNS del client" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 #, fuzzy msgid "Maximum period deviation when updating the client's DNS entry" msgstr "Cada quant s'actualitzarà automàticament l'entrada DNS del client" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "Si el proveïdor ha d'actualitzar explícitament així el registre PTR" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Si la utilitat nsupdate per defecte ha d'utilitzar TCP" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Quin tipus d'autenticació s'ha d'utilitzar per realitzar l'actualització del " "DNS" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +#, fuzzy +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "Requereix verificació de certificat TLS" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "Control de l'enumeració dels amfitrions de confiança" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "Amb quina freqüència s'ha de refrescar la llista dels subdominis" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "Llista de les opcions que han de ser inherents a un subdomini" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "Domini IPA" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "Adreça del servidor IPA" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "Adreça del servidor IPA de reserva " -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "Nom d'amfitrió del client IPA" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "Si s'actualitza automàticament l'entrada DNS del client a FreeIPA" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "Base de cerca per als objectes relacionats amb HBAC" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" "Quantitat de temps entre recerques de les regles HBAC contra el servidor IPA" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -777,237 +796,237 @@ msgstr "" "Quantitat de temps en segons entre recerques de les assignacions SELinux " "contra el servidor IPA" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Si s'estableix a fals, s'ignorarà l'argument de l'amfitrió proporcionat amb " "PAM" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" "La ubicació de l'eina de muntatge automàtic que aquest client IPA està " "utilitzant" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" "Base de cerca per a l'objecte que conté la informació sobre el domini de " "l'IPA" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" "Base de cerca per als objectes que contenen informació sobre els intervals " "d'id." -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" "Habilita els llocs DNS - el descobriment del servei es basa en la ubicació" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "Base de cerca per als contenidors de la vista" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "Objectclass per als contenidors de la vista" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "L'atribut amb el nom de la vista" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "Objectclass per substituir els objectes" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "L'atribut amb la referència a l'objecte original" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "Objectclass per als objectes de substitució d'usuari" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "Objectclass per als objectes de substitució de grup" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 #, fuzzy msgid "Search base for SUBID ranges" msgstr "Base de cerca per als contenidors de la vista" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "Quines regles s'haurien d'utilitzar per avaluar el control d'accés" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "Domini Active Directory" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "Adreça del servidor de l'Active Directory" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "Adreça del servidor de l'Active Directory de reserva" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "Nom d'amfitrió del client d'Active Directory" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "Filtre LDAP per determinar els privilegis d'accés" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "Si s'utilitza el catàleg global per a les recerques" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "Mode d'operació per al control d'accés basat en GPO" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" @@ -1015,7 +1034,7 @@ msgstr "" "Quantitat de temps entre recerques de fitxers de polítiques GPO contra el " "servidor d'AD" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" @@ -1023,7 +1042,7 @@ msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)InteractiveLogonRight del GPO" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" @@ -1031,297 +1050,297 @@ msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)RemoteInteractiveLogonRight del GPO" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)NetworkLogonRight del GPO" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)BatchLogonRight del GPO" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" "Noms dels serveis del PAM que s'assignen als ajusts de les polítiques " "(Deny)ServiceLogonRight del GPO" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" "Noms dels serveis del PAM als quals sempre se'ls garanteix l'accés basat en " "GPO" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" "Noms dels serveis del PAM als quals sempre se'ls denega l'accés basat en GPO" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" "Dret (permet o denega) predeterminat de l'inici de sessió a utilitzar per " "als noms dels serveis del PAM sense assignar" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "un lloc determinat per utilitzar amb el client" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Adreça del servidor Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "Adreça del servidor Kerberos de reserva" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "Reialme Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "Temps d'expiració de l'autenticació" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "Si es creen els fitxers kdcinfo" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "Si es rebutgen les parts de la configuració del krb5" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "Directori per emmagatzemar la memòria cau de les credencials" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "Ubicació de la memòria cau de les credencials de l'usuari" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "Ubicació de la clau per validar les credencials" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "Habilita la validació de credencials" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" "Emmagatzema la contrasenya si s'està desconnectat per a l'autenticació " "posterior amb connexió" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "Temps de vida renovable del TGT" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "Temps de vida del TGT" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "Temps entre les dues comprovacions per a la renovació" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "Habilita FAST" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "Selecciona el principal per utilitzar amb FAST" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "Habilita la canonització del principal" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "Habilita els principals empresarials" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Servidor on es troba el servei de canvi de contrasenya si no està al KDC" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, L'URI del servidor LDAP" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, L'URI del servidor LDAP" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "El DN base per defecte" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "El tipus d'esquema en ús al servidor LDAP, rfc2307" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "El DN de creació del vincle per defecte" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" "El tipus del testimoni d'autenticació del DN de creació del vincle per " "defecte" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "El testimoni d'autenticació del DN de creació del vincle per defecte" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "Període de temps per intentar una connexió" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Període de temps per intentar operacions LDAP asíncrones" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Període de temps entre els intents per tornar a connectar mentre s'està " "desconnectat" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "Utilitza només majúscules pels noms de reialme" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "Fitxer que conté els certificats de l'AC" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "Camí al directori del certificat de l'AC" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "Fitxer que conté el certificat de client" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "Fitxer que conté la clau de client" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "Llista de paquets de xifrat possibles" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "Requereix verificació de certificat TLS" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "Especifica el mecanisme SASL a utilitzar" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "Especifica l'id. d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "Especifica el reialme d'autorització SASL a utilitzar" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Especifica el SSF mínim per a l'autorització SASL de LDAP" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "Taula de claus del servei del Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilitza l'autenticació Kerberos per a la connexió LDAP" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "Segueix les referències LDAP" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "Temps de vida del TGT per la connexió LDAP" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "Com desreferenciar els àlies" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "Nom del servei per a la recerca del servei del DNS" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "El nombre de registres a recuperar en una sola consulta LDAP" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "El nombre de membres que han de faltar per activar una de-referència completa" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1329,423 +1348,423 @@ msgstr "" "Si la biblioteca LDAP hauria de realitzar una recerca inversa per canonitzar " "el nom d'amfitrió durant la creació del vincle SASL" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "L'atribut entryUSN" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "L'atribut lastUSN" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Quant de temps s'ha de retenir una connexió al servidor LDAP abans de " "desconnectar" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "Inhabilita el control de paginació LDAP" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "Inhabilita la recuperació de l'interval de l'Active Directory" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "Període de temps per esperar una petició de cerca" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "Període de temps per esperar una petició d'enumeració" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "Període de temps entre les actualitzacions de les enumeracions" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 #, fuzzy msgid "Maximum period deviation between enumeration updates" msgstr "Període de temps entre les actualitzacions de les enumeracions" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "Període de temps entre les neteges de la memòria cau" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 #, fuzzy msgid "Maximum time deviation between cache cleanups" msgstr "Període de temps entre les neteges de la memòria cau" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "Requereix TLS per a la recerca d'id." -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" "Utilitza l'assignació dels id. de l'objectSID en lloc dels id. pre-establerts" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "DN base per a la recerca de l'usuari" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "Abast de la recerca de l'usuari" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "Filtre per a la recerca de l'usuari" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "Objectclass per als usuaris" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "L'atribut nom d'usuari" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "L'atribut UID" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "L'atribut GID primari" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "L'atribut GECOS" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "L'atribut directori inicial" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "L'atribut shell" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "L'atribut UUID" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "L'atribut objectSID" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "L'atribut grup primari de l'Active Directory per a l'assignació d'id." -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "L'atribut usuari principal (per a Kerberos)" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Nom complet" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "L'atribut memberOf" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "L'atribut data de modificació" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "L'atribut shadowLastChange" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "L'atribut shadowMin" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "L'atribut shadowMax" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "L'atribut shadowWarning" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "L'atribut shadowInactive" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "L'atribut shadowExpire" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "L'atribut shadowFlag" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "L'atribut que llista els serveis PAM autoritzats" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "L'atribut que llista els amfitrions dels servidors autoritzats" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "L'atribut krbLastPwdChange" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "L'atribut krbPasswordExpiration" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" "L'atribut que indica l'activació de les polítiques de contrasenya de servidor" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "L'atribut accountExpires de l'AD" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "L'atribut userAccountControl de l'AD" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "L'atribut nsAccountLock" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "L'atribut loginDisabled del NDS" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "L'atribut loginExpirationTime del NDS" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "L'atribut loginAllowedTimeMap del NDS" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "L'atribut clau pública SSH" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "atribut que llista els tipus permesos d'autenticació per a un usuari" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "atribut que conté el certificat X509 de l'usuari" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 #, fuzzy msgid "attribute containing the passkey mapping data of the user" msgstr "atribut que conté el certificat X509 de l'usuari" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" "Una llista dels atributs extres per baixar juntament amb l'entrada de " "l'usuari" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "DN base per a la recerca del grup" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "L'objectclass per als grups" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "Nom del grup" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "Contrasenya del grup" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "L'atribut GID" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "L'atribut membre del grup" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "L'atribut UUID del grup" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "L'atribut data de modificació per als grups" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "Tipus del grup i altres senyals" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "DN base per a la recerca del grup de xarxa" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "L'objectclass per als grups de xarxa" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "Nom de grup de xarxa" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "L'atribut membres del grup de xarxa" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "L'atribut triple del grup de xarxa" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "L'atribut data de modificació per als grups de xarxa" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "DN base per a la recerca del servei" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "Objectclass per als serveis" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "L'atribut nom del servei" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "L'atribut port del servei" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "L'atribut protocol del servei" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "Límit inferior per a l'assignació d'id." -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "Límit superior per a l'assignació d'id." -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "Nombres d'id. per cada porció en l'assignació d'id." -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Utilitza l'algoritme compatible d'autorid per a l'assignació d'id." -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "Nom del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "SID del domini per defecte per a l'assignació d'id." -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "Si s'utilitzen els grups amb testimonis" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit inferior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Estableix el límit superior per als id. permesos del servidor LDAP" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "DN per a les consultes ppolicy" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "Política per avaluar el venciment de la contrasenya" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Quins atributs s'haurien d'utilitzar per avaluar si el compte ha vençut" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "URI d'un servidor LDAP on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI d'un servidor LDAP de reserva on es permeten els canvis de contrasenya" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "Nom del servei DNS pel servidor LDAP de canvi de contrasenyes" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1753,27 +1772,27 @@ msgstr "" "Si s'actualitza l'atribut ldap_user_shadow_last_change després d'un canvi de " "contrasenya" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "DN base per a la recerca de les regles sudo" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "Període d'actualització automàtica completa" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "Període d'actualització automàtica intel·ligent" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Si es filtren les regles per nom d'amfitrió, adreça IP i xarxa" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1781,196 +1800,196 @@ msgstr "" "Noms d'amfitrió i/o noms de domini plenament qualificat d'aquesta màquina " "per filtrar les regles de sudo" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "Adreces IPv4 o IPv6 o xarxa d'aquesta màquina per filtrar regles de sudo" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Si s'inclouen les regles que contenen el grup de xarxa a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Si s'inclouen les regles que contenen expressions regulars a l'atribut de " "l'amfitrió" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "Objectclass de les regles sudo" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "Nom de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "Attribut command de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "L'atribut host de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "L'atribut user de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "L'atribut option de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "L'atribut runas de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "L'atribut runasuser de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "L'atribut runasgroup de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "L'atribut notbefore de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "L'atribut notafter de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "L'atribut order de la regla sudo" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "Objectclass per a les assignacions de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "L'atribut nom de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" "Objectclass per a les entrades de les assignacions de l'eina de muntatge " "automàtic" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" "L'atribut clau d'entrada de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" "L'atribut valor de l'entrada de l'assignació l'eina de muntatge automàtic" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" "DN base per a la recerca de l'assignació de l'eina de muntatge automàtic" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "Llista separada per comes dels usuaris autoritzats" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "Llista separada per comes dels usuaris no autoritzats" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "El nom de la biblioteca NSS a utilitzar" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" "Si se cerca el nom del grup canònic des de la memòria cau, si és possible" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "Pila PAM a utilitzar" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -2025,76 +2044,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "Sense memòria\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" +msgstr "" + +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 msgid "An open file descriptor for the debug logs" msgstr "Un descriptor de fitxer obert pels registres de depuració" -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" -msgstr "L'usuari amb què es crea la ccache FAST" - -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" -msgstr "El grup amb què es crea la ccache FAST" - -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2264,7 +2279,7 @@ msgstr "" msgid "Current Password: " msgstr "Contrasenya actual: " -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "La contrasenya ha vençut. Canvieu ara la vostra contrasenya." @@ -2934,25 +2949,29 @@ msgid "There is no configuration.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:120 -#, c-format -msgid "Failed to read '%s': %s\n" +#, fuzzy, c-format +msgid "Configuration validation failed: %s\n" +msgstr "L'ordre post-delete ha fallat: %1$s\n" + +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3446,14 +3465,20 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "Especifica un fitxer de configuració diferent del predeterminat" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" +#~ msgid "The user to create FAST ccache as" +#~ msgstr "L'usuari amb què es crea la ccache FAST" + +#~ msgid "The group to create FAST ccache as" +#~ msgstr "El grup amb què es crea la ccache FAST" + #~ msgid "Number of times to attempt connection to Data Providers" #~ msgstr "" #~ "El nombre de vegades per intentar la connexió als proveïdors de dades" diff --git a/po/cs.po b/po/cs.po index 6d527345581..2fabbc24f4a 100644 --- a/po/cs.po +++ b/po/cs.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2024-06-22 16:36+0000\n" "Last-Translator: Jan Kalabza \n" "Language-Team: Czech \n" "Language-Team: German \n" "Language-Team: Spanish \n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -585,1265 +585,1283 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "IPA domeinua" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "IPA zerbitzariaren helbidea" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "IPA bezeroaren ostalari-izena" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "FAST gaitzen du" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "entryUSN atributua" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "lastUSN atributua" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "UID atributua" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "objectSID atributua" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Izen osoa" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "shadowLastChange atributua" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "shadowMin atributua" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "shadowMax atributua" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "shadowWarning atributua" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "shadowInactive atributua" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "shadowExpire atributua" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "shadowFlag atributua" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange atributua" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration atributua" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "ADren accountExpires atributua" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "ADren userAccountControl atributua" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "nsAccountLock atributua" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "Talde-izena" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "Taldearen pasahitza" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "GID atributua" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1897,76 +1915,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2130,7 +2144,7 @@ msgstr "" msgid "Current Password: " msgstr "Uneko pasahitza: " -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "Pasahitza iraungita. Aldatu zure pasahitza orain." @@ -2794,24 +2808,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3302,11 +3320,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/fi.po b/po/fi.po index fb31aa79ce4..343413f109e 100644 --- a/po/fi.po +++ b/po/fi.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2024-05-08 19:36+0000\n" "Last-Translator: Weblate Translation Memory \n" @@ -604,1265 +604,1283 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Koko nimi" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "Ryhmän nimi" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "Ryhmän salasana" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "Verkkoryhmän nimi" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1916,76 +1934,73 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "Muisti loppui!\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" -msgstr "" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +#, fuzzy +msgid "Enable debug backtrace" +msgstr "Ota käyttöön/poista käytöstä virheenjäljitys" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2149,7 +2164,7 @@ msgstr "" msgid "Current Password: " msgstr "Nykyinen salasana: " -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "" @@ -2813,24 +2828,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" -msgstr "tiedoston %s lukeminen epäonnistui: %s\n" +msgid "Configuration validation failed: %s\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3319,14 +3338,18 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" +#, c-format +#~ msgid "Failed to read '%s': %s\n" +#~ msgstr "tiedoston %s lukeminen epäonnistui: %s\n" + #~ msgid "Number of times to attempt connection to Data Providers" #~ msgstr "Kuinka monta kertaa yritetään muodostaa yhteys tietojen tarjoajiin" diff --git a/po/fr.po b/po/fr.po index e0c006f5083..00db1a7b4c5 100644 --- a/po/fr.po +++ b/po/fr.po @@ -19,7 +19,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2024-09-02 11:38+0000\n" "Last-Translator: Léane GRASSER \n" "Language-Team: French \n" "Language-Team: Hungarian (http://www.transifex.com/projects/p/sssd/language/" @@ -588,1265 +588,1284 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +#, fuzzy +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "TLS tanusítvány ellenőrzése" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "IPA-tartomány" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "IPA kiszolgáló címe" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "IPA kliens hosztneve" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Kerberos-kiszolgáló címe" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "Kerberos-tartomány" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "Időtúllépés azonosításkor" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, az LDAP szerver URI-ja" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "Alapértelmezett LDAP alap-DN-je" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Az LDAP szerveren használt séma-típus, rfc2307" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "Az alapértelmezett bind DN" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "A kapcsolódási próbálkozás időtartama" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "A CA tanusítványokat tartalmazó fájl" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "TLS tanusítvány ellenőrzése" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "TLS megkövetelése ID keresésekor" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "GECOS attribútum" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "Shell attribútum" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Teljes név" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "memberOf attribútum" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "Csoport neve" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "Csoport jelszava" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1900,76 +1919,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "Elfogyott a memória\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2134,7 +2149,7 @@ msgstr "" msgid "Current Password: " msgstr "Jelenlegi jelszó: " -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "A jelszava lejárt, változtass meg most." @@ -2799,24 +2814,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3309,11 +3328,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/id.po b/po/id.po index 3ec9170b157..7822296ff72 100644 --- a/po/id.po +++ b/po/id.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2014-12-14 11:46-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Indonesian (http://www.transifex.com/projects/p/sssd/language/" @@ -585,1265 +585,1284 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +#, fuzzy +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "Membutuhkan verifikasi sertifikat TLS" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "Domain IPA" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "Alamat server IPA" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "Nama host klien IPA" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Alamat server Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "Realm Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, URI server LDAP" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Jenis Skema yang digunakan pada server LDAP, rfc2307" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "Lamanya waktu untuk mencoba koneksi" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Lamanya waktu untuk mencoba operasi LDAP yang sinkron" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "Lamanya waktu antara upaya untuk menyambung kembali saat luring" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "Membutuhkan verifikasi sertifikat TLS" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "Tentukan mekanisme sasl yang digunakan" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "Tentukan id otorisasi sasl yang digunakan" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "Keytab layanan Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "Gunakan otentikasi Kerberos untuk koneksi LDAP" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "Lingkup pencarian pengguna" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "Filter pencarian pengguna" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "Objectclass untuk pengguna" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "Atribut Nama pengguna" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "Atribut UID" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "Atribut GID Primer" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "Atribut GECOS" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "Atribut direktori Home" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "Atribut Shell" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "Atribut utama pengguna (untuk Kerberos)" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Nama Lengkap" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "Atribut memberOf" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "Atribut waktu modifikasi" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "Daftar pengguna yang diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "Daftar pengguna yang tidak diijinkan dalam format yang dipisahkan koma" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1897,76 +1916,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "Kehabisan memori\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2130,7 +2145,7 @@ msgstr "" msgid "Current Password: " msgstr "Kata sandi saat ini:" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "" @@ -2795,24 +2810,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3304,11 +3323,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/it.po b/po/it.po index 8401218cdae..6183ab1ef54 100644 --- a/po/it.po +++ b/po/it.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2020-09-15 08:29+0000\n" "Last-Translator: Milo Casagrande \n" "Language-Team: Italian \n" "Language-Team: Japanese \n" "Language-Team: Georgian \n" "Language-Team: Korean \n" "Language-Team: Norwegian Bokmål (http://www.transifex.com/projects/p/sssd/" @@ -585,1265 +585,1283 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "IPA-domene" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "IPA-tjeneradresse" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "Vertsnavn for IPA-klient" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Tjeneradresse for Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "Kerberos-område" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "Tidsavbrudd for autentisering" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1897,76 +1915,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2130,7 +2144,7 @@ msgstr "" msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "" @@ -2792,24 +2806,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3300,11 +3318,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/nl.po b/po/nl.po index 2ec1c03c715..15f5333c817 100644 --- a/po/nl.po +++ b/po/nl.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2014-12-14 11:47-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -620,138 +620,157 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "Of de DNS ingang van de cliënt automatisch vernieuwd moet worden" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" "De TTL die toegepast moet worden op de DNS ingang van de cliënt na het " "vernieuwen hiervan" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" "De adapter wiens IP-adres gebruikt moet worden voor het dynamisch bijwerken " "van de DNS" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "Hoe vaak de DNS ingang van de client periodiek vernieuwd moet worden" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 #, fuzzy msgid "Maximum period deviation when updating the client's DNS entry" msgstr "Hoe vaak de DNS ingang van de client periodiek vernieuwd moet worden" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "Of de provider ook de PTR record expliciet moet vernieuwen" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "Of het nsupdate hulpprogramma standaard TCP moet gebruiken" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" "Welke soort authenticatie moet gebruikt worden om de DNS vernieuwing uit te " "voeren" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +#, fuzzy +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "Vereis verificatie van het TLS-certificaat" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "IPA-domein" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "IPA-serveradres" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "Adres van back-up IPA server" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "IPA-clienthostname" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" "Of de DNS-gegevens van de client automatisch bijgewerkt moeten worden in " "FreeIPA" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "Zoek basis voor HBAC gerelateerde objecten" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "De tijdsduur tussen het opzoeken van HBAC regels voor de IPA server" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" @@ -759,528 +778,528 @@ msgstr "" "De tijdsduur in seconden tussen zoekopdrachten in de SELinux mappen voor de " "IPA server" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" "Als dit op false ingesteld is, wordt het host argument gegeven door PAM " "genegeerd" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "De automounter locatie die door deze IPA client wordt gebruikt" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "Zoek in base voor object die info over IPA domein bevat " -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "Zoek in base voor objecten die info over ID bereiken bevat" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "Zet DNS sites aan - locatie gebaseerde service ontdekking" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 #, fuzzy msgid "Search base for SUBID ranges" msgstr "Zoek basis voor HBAC gerelateerde objecten" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" "Welke regels moeten gebruikt worden voor de evaluatie van toegangscontrole" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "Active Directory domein" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "Active Directory server adres" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "Active Directory back-up server adres" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "Active Directory cliënt hostnaam" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "LDAP-filter om toegangsprivileges mee te bepalen" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Kerberos-serveradres" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "Kerberos back-up server adres" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "Kerberos-rijk" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "Authenticatie timeout" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "Moeten kdcinfo bestanden aangemaakt worden" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "Werkmap waar authenticatiegegevens opgeslagen worden" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "Locatie van de authenticatiecache van de gebruiker" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "Locatie van de keytab om authenticatiegegevens te valideren" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "Schakel authenticatiegegevensvalidatie in" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" "Sla het wachtwoord op indien offline voor later gebruik bij online " "authenticatie" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "Vernieuwbare levensduur van de TGT" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "Levensduur van de TGT" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "Tijd tussen twee checks voor vernieuwing" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "Zet FAST aan" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "Selecteert de hoofdpersoon te gebruiken voor FAST " -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "Zet hoofdpersoon sanctioneren aan" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "Zet enterprise principals aan" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Server waar het wachtwoord wijzigingsservice draait indien niet op de KDC" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, de URI van de LDAP server" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "ldap_backup_uri, De URI van de LDAP server" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "De standaard base DN" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "Het schema type wat gebruikt wordt op de LDAP server, rfc2307" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "De standaard bind DN" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "Het type authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "Het authenticatietoken van de standaard bind DN" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "Hoe lang pogen te verbinden" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Hoe lang proberen synchroon LDAP te benaderen" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" "Duur tussen pogingen om de verbinding opnieuw tot stand te brengen tijdens " "offline zijn" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "Gebruik alleen hoofdletters voor gebiedsnamen" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "Bestand dat de bekende CA-certificaten bevat" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "Pad naar de CA-certificatenmap" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "Bestand dat het client certificaat bevat" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "Bestand dat de client sleutel bevat" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "Lijst van mogelijke sleutel suites" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "Vereis verificatie van het TLS-certificaat" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "Geef het SASL-mechanisme op wat gebruikt moet worden" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "Geef het SASL-authorisatie-ID op wat gebruikt moet worden" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "Specificeer het te gebruiken sasl autorisatiegebied " -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "Specificeer de minimale SSF voor LDAP sasl autorisatie" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "Kerberos service keytab" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "Gebruik Kerberos authenticatie voor LDAP-connectie" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "Volg LDAP-doorverwijzingen" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "Levensduur van TGT voor LDAP-connectie" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "Hoe moet de alias referentie verwijderd worden" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "Service naam voor DNS service opzoeken" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" "Het aantal records dat opgehaald moet worden met een enkele LDAP bevraging" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" "Het aantal leden van moet ontbreken om een volledige de-referentie te " "veroorzaken" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" @@ -1288,419 +1307,419 @@ msgstr "" "Moet de LDAP bibliotheek omgekeerd opzoeken uitvoeren om de hostnaam te " "autoriseren tijdens een SASL binding" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "entryUSN attribuut" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "lastUSN attribuut" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" "Hoe lang een verbinding met de LDAP server gebouden moet blijven voordat het " "losgekoppeld wordt" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "Het LDAP paging besturingselement uitschakelen" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "Zet Active Directory bereik opvragen uit" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "Tijd om te wachten op een zoekopdracht" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "Tijdsduur te wachten voor een opsommingsverzoek" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "Tijd om te wachten tussen enumeratie-updates" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 #, fuzzy msgid "Maximum period deviation between enumeration updates" msgstr "Tijd om te wachten tussen enumeratie-updates" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "Tijdsduur tussen cache opschoningen" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 #, fuzzy msgid "Maximum time deviation between cache cleanups" msgstr "Tijdsduur tussen cache opschoningen" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "Vereis TLS voor het opzoeken van ID's" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "Gebruik ID-mapping van objectSID gebruiken in plaats van pre-set ID's" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "Base DN voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "Scope voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "Filter voor het opzoeken van gebruikers" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "Objectclass voor gebruikers" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "Username-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "UID-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "Primair GID-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "GECOS-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "Gebruikersmap-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "Shell-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "objectSID attribuut" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "Active Directory primaire groep attribuut voor ID-mapping" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "Userprincipal-attribuut (voor Kerberos)" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Volledige naam" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "memberOf-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "Modification time-attribuut" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "shadowLastChange attribuut" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "shadowMin attribuut" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "shadowMax attribuut" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "shadowWarning attribuut" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "shadowInactive attribuut" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "shadowExpire attribuut" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "shadowFlag attribuut" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "Attribuut voor tonen van geautoriseerde PAM services" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "Attribuut dat geautoriseerde server hosts toont" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "krbLastPwdChange attribuut" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "krbPasswordExpiration attribuut" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "Attribuut welke aangeeft dat wachtwoordtactiek op de server actief is" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "accountExpires attribuut van AD" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "userAccountControl attribuut van AD" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "nsAccountLock attribuut" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "loginDisabled attribuut van NDS" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "loginExpirationTime attribuut van NDS" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "loginAllowedTimeMap attribuut van NDS" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "SSH publieke sleutel attribuut" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "Basis DN voor groep opzoeken" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "Objectklasse voor groepen" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "Groepsnaam" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "Groep wachtwoord" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "GID attribuut" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "Groep deelnemer attribuut" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "Verandertijd attribuut voor groepen" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "Basis DN voor netgroep opzoeken" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "Objectklasse voor netgroepen" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "Netgroep naam" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "Netgroep leden attribuut" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "Netgroep triple attibuut" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "Verandertijd attribuut voor netgroepen" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "Basis DN voor service lookups" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "Objectclass voor services" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "Service naam attribuut" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "Service port attribuut" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "Service protocol attribuut" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "Ondergrens voor ID-mapping" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "Bovengrens voor ID-mapping" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "Aantal ID's voor elk segment bij ID-mapping" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "Gebruik autorid-compatibel algoritme voor ID-mapping" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "Naam van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "SID van het standaard domein voor ID-mapping" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "Laagste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "Hoogste grens instellen voor toegestane id's van de LDAP-server" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "Policy om wacthwoordverloop mee te evalueren" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" "Welke attributen worden gebruikt voor evaluatie als het account verlopen is" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" "URI van een LDAP server waarop wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" "URI van een back-up LDAP server waar wachtwoord veranderingen toegestaan zijn" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "DNS service naam voor LDAP wachtwoord verander server" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" @@ -1708,27 +1727,27 @@ msgstr "" "Moet het ldap_user_shadow_last_change attribuut vernieuwd worden na een " "wachtwoordwijziging" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "Basis DN voor sudo regels lookups" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "Automatische volledige ververs periode" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "Automatische slimme ververs periode" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "Moeten regels gefilterd worden volgens hostnaam, IP adres en netwerk" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" @@ -1736,190 +1755,190 @@ msgstr "" "Hostnamen en/of volledig gekwalificeerde domeinnamen van deze machine voor " "het filteren van sudo regels" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" "IPv4 of IPv6 adressen of netwerk van deze machine voor het filteren van sudo " "regels" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" "Moeten regels toegevoegd worden die netgroep bevatten in host attribuut " -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" "Moeten regels toegevoegd worden die regulaire expressie bevatten in host " "attribuut " -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "Objectklasse voor sudo regels" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "Sudo regelnaam" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "Sudo regel opdracht attribuut" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "Sudo regel host attribuut" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "Sudo regel gebruiker attribuut" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "Sudo regel optie attribuut" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "Sudo regel runasuser attribuut" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "Sudo regel runasgroup attribuut" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "Sudo regel notbefore attribuut" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "Sudo regel notafter attribuut" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "Sudo regel volgorde attribuut" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "Object class voor automounter maps" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "Automounter map naam attribuut" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "Objectklasse voor automounter map ingaven" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "Automounter map sleutel ingave attribuut" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "Automounter map ingavewaarde attribuut" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "Basis DN voor automounter kaart opzoeken" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "Kommagescheiden lijst van toegestane gebruikers" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "Kommagescheiden lijst van geweigerde gebruikers" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "De naam van de NSS-bibliotheek die gebruikt wordt" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "Moet indien mogelijk canonieke groepsnaam in cache opgezocht worden " -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "PAM-stack die gebruikt wordt" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1974,76 +1993,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "Het geheugen zit vol\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "Een geopend bestand voor de debug logs" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" -msgstr "" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" +msgstr "Een geopend bestand voor de debug logs" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2211,7 +2226,7 @@ msgstr "" msgid "Current Password: " msgstr "Huidig wachtwoord:" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "Wachtwoord verlopen. Verander nu uw wachtwoord." @@ -2882,25 +2897,29 @@ msgid "There is no configuration.\n" msgstr "" #: src/tools/sssctl/sssctl_config.c:120 -#, c-format -msgid "Failed to read '%s': %s\n" +#, fuzzy, c-format +msgid "Configuration validation failed: %s\n" +msgstr "Het post-verwijder commando mislukte: %1$s\n" + +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3394,11 +3413,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "Geef een niet-standaard configuratiebestand op" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/pl.po b/po/pl.po index 5b090d89c5d..6c6849d42ea 100644 --- a/po/pl.po +++ b/po/pl.po @@ -15,7 +15,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2023-09-16 09:18+0000\n" "Last-Translator: Piotr Drąg \n" "Language-Team: Polish \n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -595,1268 +595,1287 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +#, fuzzy +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "Obriga a verificação de certificados TLS" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "Domínio IPA" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "Endereço do servidor IPA" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "Nome da máquina do cliente IPA" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Endereço do servidor Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "Reino Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "Tempo de expiração da autenticação" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "Directório para armazenar as caches de credenciais" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "Localização da cache de credenciais dos utilizadores" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "Localização da tabela de chaves (keytab) para validar credenciais" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "Activar validação de credenciais" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" "Servidor onde está em execução o serviço de alteração de senha, se não " "coincide com o KDC" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "ldap_uri, O URI do servidor LDAP" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "A base DN por omissão" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "O tipo de Schema em utilização no servidor LDAP, rfc2307" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "O DN por omissão para a ligação" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "O tipo de token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "O token de autenticação do bind DN por omissão" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "Período de tempo para tentar ligação" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "Tempo de espera para tentar operações LDAP síncronas" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "Tempo de espera entre tentativas para re-conectar quando desligado" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "Ficheiro que contêm os certificados CA" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "Caminho para o directório do certificado CA" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "Obriga a verificação de certificados TLS" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "Especificar mecanismo sasl a utilizar" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "Especifique o id sasl para utilizar na autorização" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "Separador chave do serviço Kerberos" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "Utilizar autenticação Kerberos para ligações LDAP" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "Seguir os referrals LDAP" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "Tempo de espera por um pedido de pesquisa" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "Período de tempo entre enumeração de actualizações" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 #, fuzzy msgid "Maximum period deviation between enumeration updates" msgstr "Período de tempo entre enumeração de actualizações" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "Requer TLS para consultas de ID" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "DN base para pesquisa de utilizadores" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "Âmbito das pesquisas do utilizador" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "Filtro para as pesquisas do utilizador" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "Objectclass para utilizadores" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "Atributo do nome do utilizador" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "Atributo UID" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "Atributo GID primário" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "Atributo GECOS" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "Atributo da pasta pessoal" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "Atributo da Shell" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "Atributo principal do utilizador (para Kerberos)" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "Nome Completo" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "Atributo memberOf" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "Atributo da alteração da data" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "Politica para avaliar a expiração da senha" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "Lista de utilizadores autorizados separados por vírgulas" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "Lista de utilizadores não autorizados separados por vírgulas" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "O nome da biblioteca NSS a utilizar" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "Stack PAM a utilizar" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1910,76 +1929,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "Memória esgotada\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "Um descritor de ficheiro aberto para os registos de depuração" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" -msgstr "" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" +msgstr "Um descritor de ficheiro aberto para os registos de depuração" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2143,7 +2158,7 @@ msgstr "" msgid "Current Password: " msgstr "Senha actual: " -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "A senha expirou. Altere a sua senha agora." @@ -2808,24 +2823,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3317,11 +3336,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "Especificar um ficheiro de configuração não standard" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/pt_BR.po b/po/pt_BR.po index 0b26546d4bf..fc081388e44 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2015-10-27 08:15-0400\n" "Last-Translator: Marco Aurélio Krause \n" "Language-Team: Portuguese (Brazil)\n" @@ -579,1265 +579,1283 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1891,76 +1909,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2124,7 +2138,7 @@ msgstr "" msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "" @@ -2786,24 +2800,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3292,11 +3310,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/ru.po b/po/ru.po index 37702f06f98..3ae7ca26238 100644 --- a/po/ru.po +++ b/po/ru.po @@ -12,7 +12,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2024-06-27 05:36+0000\n" "Last-Translator: Elena Mishina \n" "Language-Team: Russian \n" "Language-Team: LANGUAGE \n" @@ -582,1265 +582,1283 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1894,76 +1912,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2127,7 +2141,7 @@ msgstr "" msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "" @@ -2789,24 +2803,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3295,10 +3313,10 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/sv.po b/po/sv.po index cca3c98d4bb..0f27de383dc 100644 --- a/po/sv.po +++ b/po/sv.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2024-08-29 20:38+0000\n" "Last-Translator: Göran Uddeborg \n" "Language-Team: Swedish \n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -584,1265 +584,1283 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "Номи гурӯҳ" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "Пароли гурӯҳ" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "Аттрибути GID" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1896,76 +1914,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "Берун аз хотира\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2129,7 +2143,7 @@ msgstr "" msgid "Current Password: " msgstr "" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "" @@ -2791,24 +2805,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3298,11 +3316,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/po/tr.po b/po/tr.po index 13678686112..8bb2d32eb53 100644 --- a/po/tr.po +++ b/po/tr.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2024-10-15 11:45+0200\n" +"POT-Creation-Date: 2024-12-10 14:35+0100\n" "PO-Revision-Date: 2023-06-04 04:20+0000\n" "Last-Translator: Kemal Oktay Aktoğan \n" "Language-Team: Turkish \n" "Language-Team: Ukrainian \n" "Language-Team: Chinese (Simplified) \n" "Language-Team: Chinese (Taiwan) (http://www.transifex.com/projects/p/sssd/" @@ -586,1265 +586,1284 @@ msgid "Whether to automatically update the client's DNS entry" msgstr "" #: src/config/SSSDConfig/sssdoptions.py:200 -#: src/config/SSSDConfig/sssdoptions.py:233 +msgid "" +"Whether DNS update of A and AAAA record should be performed in one update or " +"in two separate updates" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:238 msgid "The TTL to apply to the client's DNS entry after updating it" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:201 -#: src/config/SSSDConfig/sssdoptions.py:234 +#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:239 msgid "The interface whose IP should be used for dynamic DNS updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:202 +#: src/config/SSSDConfig/sssdoptions.py:204 msgid "How often to periodically update the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:203 +#: src/config/SSSDConfig/sssdoptions.py:205 msgid "Maximum period deviation when updating the client's DNS entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:204 +#: src/config/SSSDConfig/sssdoptions.py:206 msgid "Whether the provider should explicitly update the PTR record as well" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:205 +#: src/config/SSSDConfig/sssdoptions.py:207 msgid "Whether the nsupdate utility should default to using TCP" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:206 +#: src/config/SSSDConfig/sssdoptions.py:208 msgid "What kind of authentication should be used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:207 +#: src/config/SSSDConfig/sssdoptions.py:209 msgid "Override the DNS server used to perform the DNS update" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:208 +#: src/config/SSSDConfig/sssdoptions.py:210 +msgid "The file of the certificate authorities certificates for DoT" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:211 +#, fuzzy +msgid "The certificate(s) file for authentication for the DoT transport" +msgstr "需要 TLS 憑證驗證" + +#: src/config/SSSDConfig/sssdoptions.py:212 +msgid "The key file for authenticated encryption for the DoT transport" +msgstr "" + +#: src/config/SSSDConfig/sssdoptions.py:213 msgid "Control enumeration of trusted domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:209 +#: src/config/SSSDConfig/sssdoptions.py:214 msgid "How often should subdomains list be refreshed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:210 +#: src/config/SSSDConfig/sssdoptions.py:215 msgid "Maximum period deviation when refreshing the subdomain list" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:211 +#: src/config/SSSDConfig/sssdoptions.py:216 msgid "List of options that should be inherited into a subdomain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:212 +#: src/config/SSSDConfig/sssdoptions.py:217 msgid "Default subdomain homedir value" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:213 +#: src/config/SSSDConfig/sssdoptions.py:218 msgid "How long can cached credentials be used for cached authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:214 +#: src/config/SSSDConfig/sssdoptions.py:219 msgid "Whether to automatically create private groups for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:215 +#: src/config/SSSDConfig/sssdoptions.py:220 msgid "Display a warning N days before the password expires." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:216 +#: src/config/SSSDConfig/sssdoptions.py:221 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:217 +#: src/config/SSSDConfig/sssdoptions.py:222 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:219 +#: src/config/SSSDConfig/sssdoptions.py:224 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:221 +#: src/config/SSSDConfig/sssdoptions.py:226 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " "(long term password) must have to be saved as SHA512 hash into the cache." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:225 +#: src/config/SSSDConfig/sssdoptions.py:230 msgid "Local authentication methods policy " msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:228 +#: src/config/SSSDConfig/sssdoptions.py:233 msgid "IPA domain" msgstr "IPA 網域" -#: src/config/SSSDConfig/sssdoptions.py:229 +#: src/config/SSSDConfig/sssdoptions.py:234 msgid "IPA server address" msgstr "IPA 伺服器位址" -#: src/config/SSSDConfig/sssdoptions.py:230 +#: src/config/SSSDConfig/sssdoptions.py:235 msgid "Address of backup IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:231 +#: src/config/SSSDConfig/sssdoptions.py:236 msgid "IPA client hostname" msgstr "IPA 客戶端主機名稱" -#: src/config/SSSDConfig/sssdoptions.py:232 +#: src/config/SSSDConfig/sssdoptions.py:237 msgid "Whether to automatically update the client's DNS entry in FreeIPA" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:235 +#: src/config/SSSDConfig/sssdoptions.py:240 msgid "Search base for HBAC related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:236 +#: src/config/SSSDConfig/sssdoptions.py:241 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:237 +#: src/config/SSSDConfig/sssdoptions.py:242 msgid "" "The amount of time in seconds between lookups of the SELinux maps against " "the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:239 +#: src/config/SSSDConfig/sssdoptions.py:244 msgid "If set to false, host argument given by PAM will be ignored" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:240 +#: src/config/SSSDConfig/sssdoptions.py:245 msgid "The automounter location this IPA client is using" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:241 +#: src/config/SSSDConfig/sssdoptions.py:246 msgid "Search base for object containing info about IPA domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:242 +#: src/config/SSSDConfig/sssdoptions.py:247 msgid "Search base for objects containing info about ID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:243 -#: src/config/SSSDConfig/sssdoptions.py:299 +#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:304 msgid "Enable DNS sites - location based service discovery" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:244 +#: src/config/SSSDConfig/sssdoptions.py:249 msgid "Search base for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:245 +#: src/config/SSSDConfig/sssdoptions.py:250 msgid "Objectclass for view containers" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:246 +#: src/config/SSSDConfig/sssdoptions.py:251 msgid "Attribute with the name of the view" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:247 +#: src/config/SSSDConfig/sssdoptions.py:252 msgid "Objectclass for override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:248 +#: src/config/SSSDConfig/sssdoptions.py:253 msgid "Attribute with the reference to the original object" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:249 +#: src/config/SSSDConfig/sssdoptions.py:254 msgid "Objectclass for user override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:250 +#: src/config/SSSDConfig/sssdoptions.py:255 msgid "Objectclass for group override objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:251 +#: src/config/SSSDConfig/sssdoptions.py:256 msgid "Search base for Desktop Profile related objects" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:252 +#: src/config/SSSDConfig/sssdoptions.py:257 msgid "" "The amount of time in seconds between lookups of the Desktop Profile rules " "against the IPA server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:254 +#: src/config/SSSDConfig/sssdoptions.py:259 msgid "" "The amount of time in minutes between lookups of Desktop Profiles rules " "against the IPA server when the last request did not find any rule" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:257 +#: src/config/SSSDConfig/sssdoptions.py:262 msgid "Search base for SUBID ranges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:258 -#: src/config/SSSDConfig/sssdoptions.py:503 +#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:508 msgid "Which rules should be used to evaluate access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:259 +#: src/config/SSSDConfig/sssdoptions.py:264 msgid "The LDAP attribute that contains FQDN of the host." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:260 -#: src/config/SSSDConfig/sssdoptions.py:283 +#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:288 msgid "The object class of a host entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:261 +#: src/config/SSSDConfig/sssdoptions.py:266 msgid "Use the given string as search base for host objects." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:262 +#: src/config/SSSDConfig/sssdoptions.py:267 msgid "The LDAP attribute that contains the host's SSH public keys." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:263 +#: src/config/SSSDConfig/sssdoptions.py:268 msgid "The LDAP attribute that contains NIS domain name of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:264 +#: src/config/SSSDConfig/sssdoptions.py:269 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:265 +#: src/config/SSSDConfig/sssdoptions.py:270 msgid "" "The LDAP attribute that lists FQDNs of hosts and host groups that are " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:267 +#: src/config/SSSDConfig/sssdoptions.py:272 msgid "" "The LDAP attribute that lists hosts and host groups that are direct members " "of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:269 +#: src/config/SSSDConfig/sssdoptions.py:274 msgid "The LDAP attribute that lists netgroup's memberships." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:270 +#: src/config/SSSDConfig/sssdoptions.py:275 msgid "" "The LDAP attribute that lists system users and groups that are direct " "members of the netgroup." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:272 +#: src/config/SSSDConfig/sssdoptions.py:277 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:273 +#: src/config/SSSDConfig/sssdoptions.py:278 msgid "The object class of a netgroup entry in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:274 +#: src/config/SSSDConfig/sssdoptions.py:279 msgid "" "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:275 +#: src/config/SSSDConfig/sssdoptions.py:280 msgid "" "The LDAP attribute that contains whether or not is user map enabled for " "usage." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:277 +#: src/config/SSSDConfig/sssdoptions.py:282 msgid "The LDAP attribute that contains host category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:278 +#: src/config/SSSDConfig/sssdoptions.py:283 msgid "" "The LDAP attribute that contains all hosts / hostgroups this rule match " "against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:280 +#: src/config/SSSDConfig/sssdoptions.py:285 msgid "" "The LDAP attribute that contains all users / groups this rule match against." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:282 +#: src/config/SSSDConfig/sssdoptions.py:287 msgid "The LDAP attribute that contains the name of SELinux usermap." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:284 +#: src/config/SSSDConfig/sssdoptions.py:289 msgid "" "The LDAP attribute that contains DN of HBAC rule which can be used for " "matching instead of memberUser and memberHost." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:286 +#: src/config/SSSDConfig/sssdoptions.py:291 msgid "The LDAP attribute that contains SELinux user string itself." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:287 +#: src/config/SSSDConfig/sssdoptions.py:292 msgid "The LDAP attribute that contains user category such as 'all'." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:288 +#: src/config/SSSDConfig/sssdoptions.py:293 msgid "The LDAP attribute that contains unique ID of the user map." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:289 +#: src/config/SSSDConfig/sssdoptions.py:294 msgid "" "The option denotes that the SSSD is running on IPA server and should perform " "lookups of users and groups from trusted domains differently." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:291 +#: src/config/SSSDConfig/sssdoptions.py:296 msgid "Use the given string as search base for trusted domains." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:294 +#: src/config/SSSDConfig/sssdoptions.py:299 msgid "Active Directory domain" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:295 +#: src/config/SSSDConfig/sssdoptions.py:300 msgid "Enabled Active Directory domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:296 +#: src/config/SSSDConfig/sssdoptions.py:301 msgid "Active Directory server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:297 +#: src/config/SSSDConfig/sssdoptions.py:302 msgid "Active Directory backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:298 +#: src/config/SSSDConfig/sssdoptions.py:303 msgid "Active Directory client hostname" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:300 -#: src/config/SSSDConfig/sssdoptions.py:501 +#: src/config/SSSDConfig/sssdoptions.py:305 +#: src/config/SSSDConfig/sssdoptions.py:506 msgid "LDAP filter to determine access privileges" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:301 +#: src/config/SSSDConfig/sssdoptions.py:306 msgid "Whether to use the Global Catalog for lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:302 +#: src/config/SSSDConfig/sssdoptions.py:307 msgid "Operation mode for GPO-based access control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:303 +#: src/config/SSSDConfig/sssdoptions.py:308 msgid "" "The amount of time between lookups of the GPO policy files against the AD " "server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:304 +#: src/config/SSSDConfig/sssdoptions.py:309 msgid "" "PAM service names that map to the GPO (Deny)InteractiveLogonRight policy " "settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:306 +#: src/config/SSSDConfig/sssdoptions.py:311 msgid "" "PAM service names that map to the GPO (Deny)RemoteInteractiveLogonRight " "policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:308 +#: src/config/SSSDConfig/sssdoptions.py:313 msgid "" "PAM service names that map to the GPO (Deny)NetworkLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:309 +#: src/config/SSSDConfig/sssdoptions.py:314 msgid "" "PAM service names that map to the GPO (Deny)BatchLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:310 +#: src/config/SSSDConfig/sssdoptions.py:315 msgid "" "PAM service names that map to the GPO (Deny)ServiceLogonRight policy settings" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:311 +#: src/config/SSSDConfig/sssdoptions.py:316 msgid "PAM service names for which GPO-based access is always granted" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:312 +#: src/config/SSSDConfig/sssdoptions.py:317 msgid "PAM service names for which GPO-based access is always denied" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:313 +#: src/config/SSSDConfig/sssdoptions.py:318 msgid "" "Default logon right (or permit/deny) to use for unmapped PAM service names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:314 +#: src/config/SSSDConfig/sssdoptions.py:319 msgid "a particular site to be used by the client" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:315 +#: src/config/SSSDConfig/sssdoptions.py:320 msgid "" "Maximum age in days before the machine account password should be renewed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:317 +#: src/config/SSSDConfig/sssdoptions.py:322 msgid "Option for tuning the machine account renewal task" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:318 +#: src/config/SSSDConfig/sssdoptions.py:323 msgid "Whether to update the machine account password in the Samba database" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:320 +#: src/config/SSSDConfig/sssdoptions.py:325 msgid "Use LDAPS port for LDAP and Global Catalog requests" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:321 +#: src/config/SSSDConfig/sssdoptions.py:326 msgid "Do not filter domain local groups from other domains" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:324 -#: src/config/SSSDConfig/sssdoptions.py:325 +#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:330 msgid "Kerberos server address" msgstr "Kerberos 伺服器位址" -#: src/config/SSSDConfig/sssdoptions.py:326 +#: src/config/SSSDConfig/sssdoptions.py:331 msgid "Kerberos backup server address" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:327 +#: src/config/SSSDConfig/sssdoptions.py:332 msgid "Kerberos realm" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:328 +#: src/config/SSSDConfig/sssdoptions.py:333 msgid "Authentication timeout" msgstr "認證逾時" -#: src/config/SSSDConfig/sssdoptions.py:329 +#: src/config/SSSDConfig/sssdoptions.py:334 msgid "Whether to create kdcinfo files" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:330 +#: src/config/SSSDConfig/sssdoptions.py:335 msgid "Where to drop krb5 config snippets" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:333 +#: src/config/SSSDConfig/sssdoptions.py:338 msgid "Directory to store credential caches" msgstr "儲存憑證快取的目錄" -#: src/config/SSSDConfig/sssdoptions.py:334 +#: src/config/SSSDConfig/sssdoptions.py:339 msgid "Location of the user's credential cache" msgstr "使用者憑證快取的位置" -#: src/config/SSSDConfig/sssdoptions.py:335 +#: src/config/SSSDConfig/sssdoptions.py:340 msgid "Location of the keytab to validate credentials" msgstr "驗證憑證用的金鑰表格位置" -#: src/config/SSSDConfig/sssdoptions.py:336 +#: src/config/SSSDConfig/sssdoptions.py:341 msgid "Enable credential validation" msgstr "啟用憑證驗證" -#: src/config/SSSDConfig/sssdoptions.py:337 +#: src/config/SSSDConfig/sssdoptions.py:342 msgid "Store password if offline for later online authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:338 +#: src/config/SSSDConfig/sssdoptions.py:343 msgid "Renewable lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:339 +#: src/config/SSSDConfig/sssdoptions.py:344 msgid "Lifetime of the TGT" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:340 +#: src/config/SSSDConfig/sssdoptions.py:345 msgid "Time between two checks for renewal" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:341 +#: src/config/SSSDConfig/sssdoptions.py:346 msgid "Enables FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:342 +#: src/config/SSSDConfig/sssdoptions.py:347 msgid "Selects the principal to use for FAST" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:343 +#: src/config/SSSDConfig/sssdoptions.py:348 msgid "Use anonymous PKINIT to request FAST credentials" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:344 +#: src/config/SSSDConfig/sssdoptions.py:349 msgid "Enables principal canonicalization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:345 +#: src/config/SSSDConfig/sssdoptions.py:350 msgid "Enables enterprise principals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:346 +#: src/config/SSSDConfig/sssdoptions.py:351 msgid "Enables using of subdomains realms for authentication" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:347 +#: src/config/SSSDConfig/sssdoptions.py:352 msgid "A mapping from user names to Kerberos principal names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:350 -#: src/config/SSSDConfig/sssdoptions.py:351 +#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:356 msgid "Server where the change password service is running if not on the KDC" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:354 +#: src/config/SSSDConfig/sssdoptions.py:359 msgid "ldap_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:355 +#: src/config/SSSDConfig/sssdoptions.py:360 msgid "ldap_backup_uri, The URI of the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:356 +#: src/config/SSSDConfig/sssdoptions.py:361 msgid "The default base DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:357 +#: src/config/SSSDConfig/sssdoptions.py:362 msgid "The Schema Type in use on the LDAP server, rfc2307" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:358 +#: src/config/SSSDConfig/sssdoptions.py:363 msgid "Mode used to change user password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:359 +#: src/config/SSSDConfig/sssdoptions.py:364 msgid "The default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:360 +#: src/config/SSSDConfig/sssdoptions.py:365 msgid "The type of the authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:361 +#: src/config/SSSDConfig/sssdoptions.py:366 msgid "The authentication token of the default bind DN" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:362 +#: src/config/SSSDConfig/sssdoptions.py:367 msgid "Length of time to attempt connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:363 +#: src/config/SSSDConfig/sssdoptions.py:368 msgid "Length of time to attempt synchronous LDAP operations" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:364 +#: src/config/SSSDConfig/sssdoptions.py:369 msgid "Length of time between attempts to reconnect while offline" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:365 +#: src/config/SSSDConfig/sssdoptions.py:370 msgid "Use only the upper case for realm names" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:366 +#: src/config/SSSDConfig/sssdoptions.py:371 msgid "File that contains CA certificates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:367 +#: src/config/SSSDConfig/sssdoptions.py:372 msgid "Path to CA certificate directory" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:368 +#: src/config/SSSDConfig/sssdoptions.py:373 msgid "File that contains the client certificate" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:369 +#: src/config/SSSDConfig/sssdoptions.py:374 msgid "File that contains the client key" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:370 +#: src/config/SSSDConfig/sssdoptions.py:375 msgid "List of possible ciphers suites" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:371 +#: src/config/SSSDConfig/sssdoptions.py:376 msgid "Require TLS certificate verification" msgstr "需要 TLS 憑證驗證" -#: src/config/SSSDConfig/sssdoptions.py:372 +#: src/config/SSSDConfig/sssdoptions.py:377 msgid "Specify the sasl mechanism to use" msgstr "指定要使用的 sasl 機制" -#: src/config/SSSDConfig/sssdoptions.py:373 +#: src/config/SSSDConfig/sssdoptions.py:378 msgid "Specify the sasl authorization id to use" msgstr "指定要使用的 sasl 認證 id" -#: src/config/SSSDConfig/sssdoptions.py:374 +#: src/config/SSSDConfig/sssdoptions.py:379 msgid "Specify the sasl authorization realm to use" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:375 +#: src/config/SSSDConfig/sssdoptions.py:380 msgid "Specify the minimal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:376 +#: src/config/SSSDConfig/sssdoptions.py:381 msgid "Specify the maximal SSF for LDAP sasl authorization" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:377 +#: src/config/SSSDConfig/sssdoptions.py:382 msgid "Kerberos service keytab" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:378 +#: src/config/SSSDConfig/sssdoptions.py:383 msgid "Use Kerberos auth for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:379 +#: src/config/SSSDConfig/sssdoptions.py:384 msgid "Follow LDAP referrals" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:380 +#: src/config/SSSDConfig/sssdoptions.py:385 msgid "Lifetime of TGT for LDAP connection" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:381 +#: src/config/SSSDConfig/sssdoptions.py:386 msgid "How to dereference aliases" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:382 +#: src/config/SSSDConfig/sssdoptions.py:387 msgid "Service name for DNS service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:383 +#: src/config/SSSDConfig/sssdoptions.py:388 msgid "The number of records to retrieve in a single LDAP query" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:384 +#: src/config/SSSDConfig/sssdoptions.py:389 msgid "The number of members that must be missing to trigger a full deref" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:385 +#: src/config/SSSDConfig/sssdoptions.py:390 msgid "Ignore unreadable LDAP references" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:386 +#: src/config/SSSDConfig/sssdoptions.py:391 msgid "" "Whether the LDAP library should perform a reverse lookup to canonicalize the " "host name during a SASL bind" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:388 +#: src/config/SSSDConfig/sssdoptions.py:393 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:391 +#: src/config/SSSDConfig/sssdoptions.py:396 msgid "entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:392 +#: src/config/SSSDConfig/sssdoptions.py:397 msgid "lastUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:394 +#: src/config/SSSDConfig/sssdoptions.py:399 msgid "How long to retain a connection to the LDAP server before disconnecting" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:397 +#: src/config/SSSDConfig/sssdoptions.py:402 msgid "Disable the LDAP paging control" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:398 +#: src/config/SSSDConfig/sssdoptions.py:403 msgid "Disable Active Directory range retrieval" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:399 +#: src/config/SSSDConfig/sssdoptions.py:404 msgid "Use the ppolicy extension" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:400 +#: src/config/SSSDConfig/sssdoptions.py:405 msgid "" "Force a password change when remaining grace logins reach or go below this " "threshold" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:403 +#: src/config/SSSDConfig/sssdoptions.py:408 msgid "Length of time to wait for a search request" msgstr "搜尋請求的等候時間長度" -#: src/config/SSSDConfig/sssdoptions.py:404 +#: src/config/SSSDConfig/sssdoptions.py:409 msgid "Length of time to wait for a enumeration request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:405 +#: src/config/SSSDConfig/sssdoptions.py:410 msgid "Length of time between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:406 +#: src/config/SSSDConfig/sssdoptions.py:411 msgid "Maximum period deviation between enumeration updates" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:407 +#: src/config/SSSDConfig/sssdoptions.py:412 msgid "Length of time between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:408 +#: src/config/SSSDConfig/sssdoptions.py:413 msgid "Maximum time deviation between cache cleanups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:409 +#: src/config/SSSDConfig/sssdoptions.py:414 msgid "Require TLS for ID lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:410 +#: src/config/SSSDConfig/sssdoptions.py:415 msgid "Use ID-mapping of objectSID instead of pre-set IDs" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:411 +#: src/config/SSSDConfig/sssdoptions.py:416 msgid "Base DN for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:412 +#: src/config/SSSDConfig/sssdoptions.py:417 msgid "Scope of user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:413 +#: src/config/SSSDConfig/sssdoptions.py:418 msgid "Filter for user lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:414 +#: src/config/SSSDConfig/sssdoptions.py:419 msgid "Objectclass for users" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:415 +#: src/config/SSSDConfig/sssdoptions.py:420 msgid "Username attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:416 +#: src/config/SSSDConfig/sssdoptions.py:421 msgid "UID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:417 +#: src/config/SSSDConfig/sssdoptions.py:422 msgid "Primary GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:418 +#: src/config/SSSDConfig/sssdoptions.py:423 msgid "GECOS attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:419 +#: src/config/SSSDConfig/sssdoptions.py:424 msgid "Home directory attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:420 +#: src/config/SSSDConfig/sssdoptions.py:425 msgid "Shell attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:421 +#: src/config/SSSDConfig/sssdoptions.py:426 msgid "UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:422 -#: src/config/SSSDConfig/sssdoptions.py:461 +#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:466 msgid "objectSID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:423 +#: src/config/SSSDConfig/sssdoptions.py:428 msgid "Active Directory primary group attribute for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:424 +#: src/config/SSSDConfig/sssdoptions.py:429 msgid "User principal attribute (for Kerberos)" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:425 +#: src/config/SSSDConfig/sssdoptions.py:430 msgid "Full Name" msgstr "全名" -#: src/config/SSSDConfig/sssdoptions.py:426 +#: src/config/SSSDConfig/sssdoptions.py:431 msgid "memberOf attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:427 +#: src/config/SSSDConfig/sssdoptions.py:432 msgid "Modification time attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:428 +#: src/config/SSSDConfig/sssdoptions.py:433 msgid "shadowLastChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:429 +#: src/config/SSSDConfig/sssdoptions.py:434 msgid "shadowMin attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:430 +#: src/config/SSSDConfig/sssdoptions.py:435 msgid "shadowMax attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:431 +#: src/config/SSSDConfig/sssdoptions.py:436 msgid "shadowWarning attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:432 +#: src/config/SSSDConfig/sssdoptions.py:437 msgid "shadowInactive attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:433 +#: src/config/SSSDConfig/sssdoptions.py:438 msgid "shadowExpire attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:434 +#: src/config/SSSDConfig/sssdoptions.py:439 msgid "shadowFlag attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:435 +#: src/config/SSSDConfig/sssdoptions.py:440 msgid "Attribute listing authorized PAM services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:436 +#: src/config/SSSDConfig/sssdoptions.py:441 msgid "Attribute listing authorized server hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:437 +#: src/config/SSSDConfig/sssdoptions.py:442 msgid "Attribute listing authorized server rhosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:438 +#: src/config/SSSDConfig/sssdoptions.py:443 msgid "krbLastPwdChange attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:439 +#: src/config/SSSDConfig/sssdoptions.py:444 msgid "krbPasswordExpiration attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:440 +#: src/config/SSSDConfig/sssdoptions.py:445 msgid "Attribute indicating that server side password policies are active" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:441 +#: src/config/SSSDConfig/sssdoptions.py:446 msgid "accountExpires attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:442 +#: src/config/SSSDConfig/sssdoptions.py:447 msgid "userAccountControl attribute of AD" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:443 +#: src/config/SSSDConfig/sssdoptions.py:448 msgid "nsAccountLock attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:444 +#: src/config/SSSDConfig/sssdoptions.py:449 msgid "loginDisabled attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:445 +#: src/config/SSSDConfig/sssdoptions.py:450 msgid "loginExpirationTime attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:446 +#: src/config/SSSDConfig/sssdoptions.py:451 msgid "loginAllowedTimeMap attribute of NDS" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:447 +#: src/config/SSSDConfig/sssdoptions.py:452 msgid "SSH public key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:448 +#: src/config/SSSDConfig/sssdoptions.py:453 msgid "attribute listing allowed authentication types for a user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:449 +#: src/config/SSSDConfig/sssdoptions.py:454 msgid "attribute containing the X509 certificate of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:450 +#: src/config/SSSDConfig/sssdoptions.py:455 msgid "attribute containing the email address of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:451 +#: src/config/SSSDConfig/sssdoptions.py:456 msgid "attribute containing the passkey mapping data of the user" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:452 +#: src/config/SSSDConfig/sssdoptions.py:457 msgid "A list of extra attributes to download along with the user entry" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:454 +#: src/config/SSSDConfig/sssdoptions.py:459 msgid "Base DN for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:455 +#: src/config/SSSDConfig/sssdoptions.py:460 msgid "Objectclass for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:456 +#: src/config/SSSDConfig/sssdoptions.py:461 msgid "Group name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:457 +#: src/config/SSSDConfig/sssdoptions.py:462 msgid "Group password" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:458 +#: src/config/SSSDConfig/sssdoptions.py:463 msgid "GID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:459 +#: src/config/SSSDConfig/sssdoptions.py:464 msgid "Group member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:460 +#: src/config/SSSDConfig/sssdoptions.py:465 msgid "Group UUID attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:462 +#: src/config/SSSDConfig/sssdoptions.py:467 msgid "Modification time attribute for groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:463 +#: src/config/SSSDConfig/sssdoptions.py:468 msgid "Type of the group and other flags" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:464 +#: src/config/SSSDConfig/sssdoptions.py:469 msgid "The LDAP group external member attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:465 +#: src/config/SSSDConfig/sssdoptions.py:470 msgid "Maximum nesting level SSSD will follow" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:466 +#: src/config/SSSDConfig/sssdoptions.py:471 msgid "Filter for group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:467 +#: src/config/SSSDConfig/sssdoptions.py:472 msgid "Scope of group lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:469 +#: src/config/SSSDConfig/sssdoptions.py:474 msgid "Base DN for netgroup lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:470 +#: src/config/SSSDConfig/sssdoptions.py:475 msgid "Objectclass for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:471 +#: src/config/SSSDConfig/sssdoptions.py:476 msgid "Netgroup name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:472 +#: src/config/SSSDConfig/sssdoptions.py:477 msgid "Netgroups members attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:473 +#: src/config/SSSDConfig/sssdoptions.py:478 msgid "Netgroup triple attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:474 +#: src/config/SSSDConfig/sssdoptions.py:479 msgid "Modification time attribute for netgroups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:476 +#: src/config/SSSDConfig/sssdoptions.py:481 msgid "Base DN for service lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:477 +#: src/config/SSSDConfig/sssdoptions.py:482 msgid "Objectclass for services" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:478 +#: src/config/SSSDConfig/sssdoptions.py:483 msgid "Service name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:479 +#: src/config/SSSDConfig/sssdoptions.py:484 msgid "Service port attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:480 +#: src/config/SSSDConfig/sssdoptions.py:485 msgid "Service protocol attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:482 +#: src/config/SSSDConfig/sssdoptions.py:487 msgid "Lower bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:483 +#: src/config/SSSDConfig/sssdoptions.py:488 msgid "Upper bound for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:484 +#: src/config/SSSDConfig/sssdoptions.py:489 msgid "Number of IDs for each slice when ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:485 +#: src/config/SSSDConfig/sssdoptions.py:490 msgid "Use autorid-compatible algorithm for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:486 +#: src/config/SSSDConfig/sssdoptions.py:491 msgid "Name of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:487 +#: src/config/SSSDConfig/sssdoptions.py:492 msgid "SID of the default domain for ID-mapping" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:488 +#: src/config/SSSDConfig/sssdoptions.py:493 msgid "Number of secondary slices" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:490 +#: src/config/SSSDConfig/sssdoptions.py:495 msgid "Whether to use Token-Groups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:491 +#: src/config/SSSDConfig/sssdoptions.py:496 msgid "Set lower boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:492 +#: src/config/SSSDConfig/sssdoptions.py:497 msgid "Set upper boundary for allowed IDs from the LDAP server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:493 +#: src/config/SSSDConfig/sssdoptions.py:498 msgid "DN for ppolicy queries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:494 +#: src/config/SSSDConfig/sssdoptions.py:499 msgid "How many maximum entries to fetch during a wildcard request" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:495 +#: src/config/SSSDConfig/sssdoptions.py:500 msgid "Set libldap debug level" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:498 +#: src/config/SSSDConfig/sssdoptions.py:503 msgid "Policy to evaluate the password expiration" msgstr "評估密碼過期時效的策略" -#: src/config/SSSDConfig/sssdoptions.py:502 +#: src/config/SSSDConfig/sssdoptions.py:507 msgid "Which attributes shall be used to evaluate if an account is expired" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:506 +#: src/config/SSSDConfig/sssdoptions.py:511 msgid "URI of an LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:507 +#: src/config/SSSDConfig/sssdoptions.py:512 msgid "URI of a backup LDAP server where password changes are allowed" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:508 +#: src/config/SSSDConfig/sssdoptions.py:513 msgid "DNS service name for LDAP password change server" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:509 +#: src/config/SSSDConfig/sssdoptions.py:514 msgid "" "Whether to update the ldap_user_shadow_last_change attribute after a " "password change" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:513 +#: src/config/SSSDConfig/sssdoptions.py:518 msgid "Base DN for sudo rules lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:514 +#: src/config/SSSDConfig/sssdoptions.py:519 msgid "Automatic full refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:515 +#: src/config/SSSDConfig/sssdoptions.py:520 msgid "Automatic smart refresh period" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:516 +#: src/config/SSSDConfig/sssdoptions.py:521 msgid "Smart and full refresh random offset" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:517 +#: src/config/SSSDConfig/sssdoptions.py:522 msgid "Whether to filter rules by hostname, IP addresses and network" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:518 +#: src/config/SSSDConfig/sssdoptions.py:523 msgid "" "Hostnames and/or fully qualified domain names of this machine to filter sudo " "rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:519 +#: src/config/SSSDConfig/sssdoptions.py:524 msgid "IPv4 or IPv6 addresses or network of this machine to filter sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:520 +#: src/config/SSSDConfig/sssdoptions.py:525 msgid "Whether to include rules that contains netgroup in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:521 +#: src/config/SSSDConfig/sssdoptions.py:526 msgid "" "Whether to include rules that contains regular expression in host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:522 +#: src/config/SSSDConfig/sssdoptions.py:527 msgid "Object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:523 +#: src/config/SSSDConfig/sssdoptions.py:528 msgid "Name of attribute that is used as object class for sudo rules" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:524 +#: src/config/SSSDConfig/sssdoptions.py:529 msgid "Sudo rule name" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:525 +#: src/config/SSSDConfig/sssdoptions.py:530 msgid "Sudo rule command attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:526 +#: src/config/SSSDConfig/sssdoptions.py:531 msgid "Sudo rule host attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:527 +#: src/config/SSSDConfig/sssdoptions.py:532 msgid "Sudo rule user attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:528 +#: src/config/SSSDConfig/sssdoptions.py:533 msgid "Sudo rule option attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:529 +#: src/config/SSSDConfig/sssdoptions.py:534 msgid "Sudo rule runas attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:530 +#: src/config/SSSDConfig/sssdoptions.py:535 msgid "Sudo rule runasuser attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:531 +#: src/config/SSSDConfig/sssdoptions.py:536 msgid "Sudo rule runasgroup attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:532 +#: src/config/SSSDConfig/sssdoptions.py:537 msgid "Sudo rule notbefore attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:533 +#: src/config/SSSDConfig/sssdoptions.py:538 msgid "Sudo rule notafter attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:534 +#: src/config/SSSDConfig/sssdoptions.py:539 msgid "Sudo rule order attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:537 +#: src/config/SSSDConfig/sssdoptions.py:542 msgid "Object class for automounter maps" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:538 +#: src/config/SSSDConfig/sssdoptions.py:543 msgid "Automounter map name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:539 +#: src/config/SSSDConfig/sssdoptions.py:544 msgid "Object class for automounter map entries" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:540 +#: src/config/SSSDConfig/sssdoptions.py:545 msgid "Automounter map entry key attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:541 +#: src/config/SSSDConfig/sssdoptions.py:546 msgid "Automounter map entry value attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:542 +#: src/config/SSSDConfig/sssdoptions.py:547 msgid "Base DN for automounter map lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:543 +#: src/config/SSSDConfig/sssdoptions.py:548 msgid "The name of the automount master map in LDAP." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:546 +#: src/config/SSSDConfig/sssdoptions.py:551 msgid "Base DN for IP hosts lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:547 +#: src/config/SSSDConfig/sssdoptions.py:552 msgid "Object class for IP hosts" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:548 +#: src/config/SSSDConfig/sssdoptions.py:553 msgid "IP host name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:549 +#: src/config/SSSDConfig/sssdoptions.py:554 msgid "IP host number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:550 +#: src/config/SSSDConfig/sssdoptions.py:555 msgid "IP host entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:551 +#: src/config/SSSDConfig/sssdoptions.py:556 msgid "Base DN for IP networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:552 +#: src/config/SSSDConfig/sssdoptions.py:557 msgid "Object class for IP networks" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:553 +#: src/config/SSSDConfig/sssdoptions.py:558 msgid "IP network name attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:554 +#: src/config/SSSDConfig/sssdoptions.py:559 msgid "IP network number (address) attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:555 +#: src/config/SSSDConfig/sssdoptions.py:560 msgid "IP network entryUSN attribute" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:558 +#: src/config/SSSDConfig/sssdoptions.py:563 msgid "Comma separated list of allowed users" msgstr "許可的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/sssdoptions.py:559 +#: src/config/SSSDConfig/sssdoptions.py:564 msgid "Comma separated list of prohibited users" msgstr "被禁止的使用者清單,請使用半形逗號作為分隔" -#: src/config/SSSDConfig/sssdoptions.py:560 +#: src/config/SSSDConfig/sssdoptions.py:565 msgid "" "Comma separated list of groups that are allowed to log in. This applies only " "to groups within this SSSD domain. Local groups are not evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:562 +#: src/config/SSSDConfig/sssdoptions.py:567 msgid "" "Comma separated list of groups that are explicitly denied access. This " "applies only to groups within this SSSD domain. Local groups are not " "evaluated." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:566 +#: src/config/SSSDConfig/sssdoptions.py:571 msgid "The number of preforked proxy children." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:569 +#: src/config/SSSDConfig/sssdoptions.py:574 msgid "The name of the NSS library to use" msgstr "要使用的 NSS 函式庫名稱" -#: src/config/SSSDConfig/sssdoptions.py:570 +#: src/config/SSSDConfig/sssdoptions.py:575 msgid "The name of the NSS library to use for hosts and networks lookups" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:571 +#: src/config/SSSDConfig/sssdoptions.py:576 msgid "Whether to look up canonical group name from cache if possible" msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:574 +#: src/config/SSSDConfig/sssdoptions.py:579 msgid "PAM stack to use" msgstr "要使用的 PAM 堆疊" -#: src/config/SSSDConfig/sssdoptions.py:577 +#: src/config/SSSDConfig/sssdoptions.py:582 msgid "Path of passwd file sources." msgstr "" -#: src/config/SSSDConfig/sssdoptions.py:578 +#: src/config/SSSDConfig/sssdoptions.py:583 msgid "Path of group file sources." msgstr "" @@ -1898,76 +1917,72 @@ msgstr "" msgid "Can't read config: '%s'\n" msgstr "" -#: src/monitor/monitor.c:1953 +#: src/monitor/monitor.c:1956 #, c-format msgid "Failed to boostrap SSSD 'monitor' process: %s" msgstr "" -#: src/monitor/monitor.c:2050 +#: src/monitor/monitor.c:2053 msgid "Out of memory\n" msgstr "記憶體耗盡\n" -#: src/providers/krb5/krb5_child.c:4145 src/providers/ldap/ldap_child.c:994 -msgid "Allow core dumps" +#: src/providers/krb5/krb5_child.c:4113 src/providers/ldap/ldap_child.c:995 +msgid "Ignored, /proc/sys/fs/suid_dumpable setting is in force" msgstr "" -#: src/providers/krb5/krb5_child.c:4147 src/providers/ldap/ldap_child.c:996 -msgid "An open file descriptor for the debug logs" -msgstr "" - -#: src/providers/krb5/krb5_child.c:4150 -msgid "The user to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4115 src/providers/ldap/ldap_child.c:997 +msgid "Enable debug backtrace" msgstr "" -#: src/providers/krb5/krb5_child.c:4152 -msgid "The group to create FAST ccache as" +#: src/providers/krb5/krb5_child.c:4117 src/providers/ldap/ldap_child.c:999 +msgid "An open file descriptor for the debug logs" msgstr "" -#: src/providers/krb5/krb5_child.c:4154 +#: src/providers/krb5/krb5_child.c:4120 msgid "Use anonymous PKINIT to request FAST armor ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4156 +#: src/providers/krb5/krb5_child.c:4122 msgid "Kerberos realm to use" msgstr "" -#: src/providers/krb5/krb5_child.c:4158 +#: src/providers/krb5/krb5_child.c:4124 msgid "Requested lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4160 +#: src/providers/krb5/krb5_child.c:4126 msgid "Requested renewable lifetime of the ticket" msgstr "" -#: src/providers/krb5/krb5_child.c:4162 +#: src/providers/krb5/krb5_child.c:4128 msgid "FAST options ('never', 'try', 'demand')" msgstr "" -#: src/providers/krb5/krb5_child.c:4165 +#: src/providers/krb5/krb5_child.c:4131 msgid "Specifies the server principal to use for FAST" msgstr "" -#: src/providers/krb5/krb5_child.c:4167 +#: src/providers/krb5/krb5_child.c:4133 msgid "Requests canonicalization of the principal name" msgstr "" -#: src/providers/krb5/krb5_child.c:4169 +#: src/providers/krb5/krb5_child.c:4135 msgid "Use custom version of krb5_get_init_creds_password" msgstr "" -#: src/providers/krb5/krb5_child.c:4171 +#: src/providers/krb5/krb5_child.c:4137 msgid "Tevent chain ID used for logging purposes" msgstr "" -#: src/providers/krb5/krb5_child.c:4173 +#: src/providers/krb5/krb5_child.c:4139 msgid "Check PAC flags" msgstr "" -#: src/providers/krb5/krb5_child.c:4217 src/providers/ldap/ldap_child.c:1022 +#: src/providers/krb5/krb5_child.c:4187 src/providers/ldap/ldap_child.c:1029 msgid "talloc_asprintf failed.\n" msgstr "" -#: src/providers/krb5/krb5_child.c:4227 src/providers/ldap/ldap_child.c:1031 +#: src/providers/krb5/krb5_child.c:4197 src/providers/ldap/ldap_child.c:1038 msgid "set_debug_file_from_fd failed.\n" msgstr "" @@ -2131,7 +2146,7 @@ msgstr "" msgid "Current Password: " msgstr "目前的密碼:" -#: src/sss_client/pam_sss.c:3147 +#: src/sss_client/pam_sss.c:3150 msgid "Password expired. Change your password now." msgstr "密碼已過期。請立刻變更您的密碼。" @@ -2796,24 +2811,28 @@ msgstr "" #: src/tools/sssctl/sssctl_config.c:120 #, c-format -msgid "Failed to read '%s': %s\n" +msgid "Configuration validation failed: %s\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:129 +#: src/tools/sssctl/sssctl_config.c:121 +msgid "Run with high debug level to see details.\n" +msgstr "" + +#: src/tools/sssctl/sssctl_config.c:130 msgid "Failed to run validators" msgstr "" -#: src/tools/sssctl/sssctl_config.c:133 +#: src/tools/sssctl/sssctl_config.c:134 #, c-format msgid "Issues identified by validators: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:144 +#: src/tools/sssctl/sssctl_config.c:145 #, c-format msgid "Messages generated during configuration merging: %zu\n" msgstr "" -#: src/tools/sssctl/sssctl_config.c:157 +#: src/tools/sssctl/sssctl_config.c:158 #, c-format msgid "Used configuration snippet files: %zu\n" msgstr "" @@ -3304,11 +3323,11 @@ msgstr "" msgid " - no env -\n" msgstr "" -#: src/util/util.h:98 +#: src/util/util.h:91 msgid "Specify a non-default config file" msgstr "指定非預設的配置檔" -#: src/util/util.h:105 +#: src/util/util.h:98 msgid "Informs that the responder has been socket-activated" msgstr "" diff --git a/src/man/po/br.po b/src/man/po/br.po index 31d1187a14e..96aa991d970 100644 --- a/src/man/po/br.po +++ b/src/man/po/br.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2014-12-14 11:51-0500\n" "Last-Translator: Copied by Zanata \n" "Language-Team: Breton (http://www.transifex.com/projects/p/sssd/language/" @@ -117,17 +117,17 @@ msgstr "" #. type: Content of: #: sssd.conf.5.xml:60 msgid "" -"sssd.conf must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"sssd.conf must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -135,7 +135,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -144,7 +144,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -157,39 +157,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -198,62 +198,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Dre ziouer : true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -263,15 +263,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -283,17 +283,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -301,33 +301,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "RANNOÙ DIBAR" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "Ar rann [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Arventennoù ar rann" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -336,7 +336,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -345,7 +345,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -353,12 +353,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domanioù" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -369,19 +369,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -389,12 +389,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -402,70 +402,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -473,7 +473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -481,52 +481,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -534,14 +534,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -551,17 +551,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -571,7 +578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -584,8 +591,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -593,12 +600,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -608,7 +615,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -617,22 +624,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -640,12 +647,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -653,61 +660,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -715,12 +722,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -728,24 +735,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -754,12 +761,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -768,7 +775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -776,58 +783,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -838,7 +845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -856,18 +863,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -875,12 +882,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -888,28 +895,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "re_expression (string)" msgid "passkey_verification (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "re_expression (string)" msgid "user_verification (boolean)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -917,7 +924,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -925,7 +932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -936,12 +943,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "RANNOÙ SERVIJOÙ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -950,22 +957,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -975,17 +982,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -995,19 +1002,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 3" msgid "Default: 60, KCM: 300" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1018,14 +1025,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1033,44 +1040,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1079,62 +1086,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 3" msgid "Default: 3600" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 3" msgid "Default: 30" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1146,58 +1153,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Dre ziouer : 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1205,7 +1212,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1215,7 +1222,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1224,17 +1231,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1242,17 +1249,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Dre ziouer : 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1260,17 +1267,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1279,7 +1286,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1288,41 +1295,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Dre zoiuer : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1330,23 +1337,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1354,47 +1361,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1402,113 +1409,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1516,25 +1523,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1542,19 +1549,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1562,12 +1569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1576,12 +1583,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1592,45 +1599,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: true" msgid "Default: <quote>*</quote>" msgstr "Dre ziouer : true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1639,60 +1646,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1700,61 +1707,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Dre zoiuer : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "re_expression (string)" msgid "pam_response_filter (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1763,51 +1770,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1818,23 +1825,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1842,7 +1849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1851,17 +1858,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1869,32 +1876,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Dre ziouer : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1904,75 +1911,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1980,19 +1987,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2000,46 +2007,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2047,36 +2054,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "re_expression (string)" msgid "pam_cert_verification (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2086,7 +2093,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2094,61 +2101,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "re_expression (string)" msgid "pam_p11_allowed_services (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2156,7 +2163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2168,63 +2175,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2232,12 +2239,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2248,7 +2255,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2256,7 +2263,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2264,7 +2271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2273,47 +2280,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2322,30 +2329,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2353,7 +2360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2361,22 +2368,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2384,19 +2391,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2404,7 +2411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2419,7 +2426,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2427,45 +2434,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2473,7 +2480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2481,17 +2488,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2502,24 +2509,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2529,22 +2536,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2552,51 +2559,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2605,12 +2612,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2620,7 +2627,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2628,7 +2635,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2637,38 +2644,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2679,7 +2686,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2690,24 +2697,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2715,19 +2722,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2736,7 +2743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2745,26 +2752,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "re_expression (string)" msgid "pac_check (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2775,24 +2782,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2800,24 +2807,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2829,7 +2836,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2840,60 +2847,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2903,66 +2910,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2970,17 +2977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2988,7 +2995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2997,61 +3004,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "re_expression (string)" msgid "exclude_users (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "filter_users, filter_groups (string)" msgid "exclude_groups (string)" msgstr "filter_users, filter_groups (neudennad)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "RANNOÙ DOMANI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3061,12 +3068,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3075,14 +3082,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3091,38 +3098,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3131,24 +3138,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3157,36 +3164,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3200,14 +3207,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3216,14 +3223,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3231,32 +3238,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3265,19 +3272,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3288,139 +3295,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3429,17 +3436,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3451,18 +3458,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3473,7 +3480,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3482,12 +3489,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3495,19 +3502,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3516,17 +3523,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3535,28 +3542,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3564,7 +3571,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3572,8 +3579,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3581,8 +3588,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3590,19 +3597,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3611,7 +3618,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3619,24 +3626,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3648,7 +3655,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3656,30 +3663,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3687,7 +3694,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3695,30 +3702,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3726,19 +3733,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3747,7 +3754,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3755,29 +3762,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3785,7 +3792,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3793,35 +3800,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3829,32 +3836,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3865,7 +3872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3874,12 +3881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3887,7 +3894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3895,31 +3902,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3927,7 +3934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3936,17 +3943,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3954,36 +3961,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3991,7 +3998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3999,7 +4006,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4007,24 +4014,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4032,31 +4039,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4064,7 +4071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4073,12 +4080,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4088,24 +4095,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4114,19 +4121,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4136,89 +4143,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4226,17 +4233,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4245,12 +4252,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4258,7 +4265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4266,36 +4273,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 #, fuzzy #| msgid "Default: 3" msgid "Default: TRUE" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4303,59 +4310,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4363,31 +4370,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4395,104 +4402,104 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4500,27 +4507,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4530,34 +4537,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4566,19 +4573,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4586,14 +4593,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "re_expression (string)" msgid "local_auth_policy (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4605,7 +4612,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4617,7 +4624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4625,44 +4632,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "re_expression (string)" msgid "local_auth_policy = match (default)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4671,7 +4678,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4682,7 +4689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4690,38 +4697,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: 3" msgid "Default: match" msgstr "Dre ziouer : 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4730,24 +4737,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4757,14 +4764,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4772,21 +4779,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4794,7 +4801,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4803,7 +4810,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4812,7 +4819,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4820,17 +4827,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4838,12 +4845,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4851,12 +4858,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4864,12 +4871,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4878,12 +4885,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4891,19 +4898,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4920,7 +4927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4928,17 +4935,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4947,7 +4954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4957,7 +4964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4977,12 +4984,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4993,69 +5000,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5068,7 +5075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5076,7 +5083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5085,55 +5092,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5142,17 +5150,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5160,26 +5168,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5188,17 +5196,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5208,7 +5216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5217,59 +5225,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5278,7 +5286,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5287,7 +5295,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5298,17 +5306,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5316,46 +5324,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5364,7 +5372,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5372,12 +5380,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5406,7 +5414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5415,7 +5423,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5423,7 +5431,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5434,7 +5442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5445,7 +5453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5715,8 +5723,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5725,74 +5742,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5801,24 +5818,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5826,7 +5843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5835,12 +5852,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5848,7 +5865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5858,7 +5875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5868,67 +5885,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5936,7 +5953,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5944,12 +5961,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5957,12 +5974,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5973,12 +5990,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5987,12 +6004,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6001,7 +6018,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6012,36 +6029,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6049,29 +6066,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6079,14 +6096,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6094,17 +6111,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6114,12 +6131,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6127,17 +6144,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6145,12 +6162,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6158,7 +6175,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6169,7 +6186,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6178,7 +6195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6186,12 +6203,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6199,7 +6216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6207,26 +6224,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6234,7 +6251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6242,7 +6259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6250,41 +6267,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6294,32 +6311,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6327,12 +6344,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6340,12 +6357,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6353,17 +6370,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6374,24 +6391,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6402,12 +6419,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6420,7 +6437,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6432,17 +6449,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6450,49 +6467,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6500,28 +6517,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6533,7 +6550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6541,7 +6558,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6549,39 +6566,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6591,7 +6608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6599,26 +6616,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6627,7 +6644,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6635,31 +6652,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6672,51 +6689,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6725,12 +6742,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6746,12 +6763,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6760,14 +6777,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6776,24 +6793,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6801,19 +6818,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6822,7 +6839,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6830,7 +6847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6839,7 +6856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6847,22 +6864,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6872,14 +6889,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6892,12 +6909,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6907,31 +6924,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6939,50 +6956,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6991,74 +7008,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7069,7 +7086,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7077,60 +7094,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "re_expression (string)" msgid "ldap_use_ppolicy (boolean)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7138,12 +7155,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7166,12 +7183,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7179,43 +7196,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7223,14 +7240,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7240,19 +7257,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7260,7 +7277,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7268,106 +7285,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7376,59 +7393,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7437,22 +7454,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7461,14 +7478,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7476,7 +7493,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7489,27 +7506,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7525,13 +7542,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9778,7 +9795,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9793,7 +9810,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9808,12 +9825,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9834,12 +9851,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9863,17 +9880,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9881,17 +9898,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9899,7 +9916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9926,7 +9943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9939,12 +9956,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9958,7 +9975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9970,60 +9987,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10031,179 +10065,237 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "re_expression (string)" +msgid "dyndns_dot_key (string)" +msgstr "re_expression (neudennad)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "re_expression (string)" msgid "ipa_access_order (string)" msgstr "re_expression (neudennad)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10211,34 +10303,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10246,12 +10338,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10259,33 +10351,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10293,59 +10385,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10353,128 +10445,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10484,19 +10576,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10504,7 +10596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10516,12 +10608,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10529,7 +10621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10539,80 +10631,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10626,7 +10718,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10634,7 +10726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11760,6 +11852,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11770,7 +11867,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11785,7 +11882,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11797,7 +11894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11808,19 +11905,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11830,7 +11927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11838,7 +11935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11853,7 +11950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11862,7 +11959,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11870,7 +11967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11880,7 +11977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17453,7 +17550,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17598,7 +17695,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/ca.po b/src/man/po/ca.po index bddcd4c7523..fa7d0681c52 100644 --- a/src/man/po/ca.po +++ b/src/man/po/ca.po @@ -14,7 +14,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2015-10-18 04:13-0400\n" "Last-Translator: Robert Antoni Buj Gelonch <rbuj@fedoraproject.org>\n" "Language-Team: Catalan (http://www.transifex.com/projects/p/sssd/language/" @@ -147,19 +147,19 @@ msgstr "" #| "<filename>sssd.conf</filename> must be a regular file, owned by root and " #| "only root may read from or write to the file." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> ha de ser un fitxer normal, amb root com a " "propietari i només l'usuari root hi pot llegir o escriure." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -167,7 +167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -176,7 +176,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -189,40 +189,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "OPCIONS GENERALS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" "Les següents opcions es poden utilitzar en més d'una secció de configuració." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "Opcions que es poden utilitzar en totes les seccions" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -231,12 +231,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." @@ -246,23 +246,23 @@ msgstr "" "opció." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Per defecte: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." @@ -272,29 +272,29 @@ msgstr "" "aleshores s'ignora aquesta opció." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Per defecte: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 #, fuzzy #| msgid "debug_microseconds (bool)" msgid "debug_backtrace_enabled (bool)" msgstr "debug_microseconds (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -304,15 +304,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -324,17 +324,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Opcions que es poden utilitzar a les seccions SERVEI i DOMINI" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -342,33 +342,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Per defecte: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "SECCIONS ESPECIALS" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "La secció [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Paràmetres de la secció" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -377,7 +377,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 #, fuzzy #| msgid "" #| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</" @@ -398,7 +398,7 @@ msgstr "" "condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -406,12 +406,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -422,12 +422,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." @@ -436,7 +436,7 @@ msgstr "" "conté el nom d'usuari i el domini en aquests components." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -444,12 +444,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -460,40 +460,40 @@ msgstr "" "compondre un FQN des dels components del nom d'usuari i del nom del domini." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "nom d'usuari" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" "el nom del domini tal com s'especifica al fitxer de configuració de l'SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -502,31 +502,31 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -534,7 +534,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -545,7 +545,7 @@ msgstr "" "d'establir aquesta opció a «false»" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -554,7 +554,7 @@ msgstr "" "altres plataformes." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -563,12 +563,12 @@ msgstr "" "disponible. En aquestes plataformes, sempre s'utilitzarà el sondeig." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -577,7 +577,7 @@ msgstr "" "cau de repetició del Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -587,7 +587,7 @@ msgstr "" "auxiliar de reproducció." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -596,12 +596,12 @@ msgstr "" "construcció. (__LIBKRB5_DEFAULTS__ si no està configurat)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "user (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -609,14 +609,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -626,17 +626,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "Per defecte: sense establir, els processos s'executaran com a root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -652,7 +659,7 @@ msgstr "" "nom d'usuari sense donar també un nom de domini." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -665,8 +672,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -674,12 +681,12 @@ msgid "Default: not set" msgstr "Per defecte: sense establir" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "override_space (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -689,7 +696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -698,22 +705,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "Per defecte: sense establir (no se substituiran els espais)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -721,12 +728,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -734,61 +741,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -796,12 +803,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -809,24 +816,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 #, fuzzy #| msgid "" #| "The skeleton directory, which contains files and directories to be copied " @@ -845,12 +852,12 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -859,7 +866,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -867,58 +874,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -929,7 +936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -947,20 +954,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "Per defecte: Sense establir" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 #, fuzzy #| msgid "ipa_server_mode (boolean)" msgid "implicit_pac_responder (boolean)" msgstr "ipa_server_mode (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -968,14 +975,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 #, fuzzy #| msgid "ad_enable_gc (boolean)" msgid "core_dumpable (boolean)" msgstr "ad_enable_gc (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -983,28 +990,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "ldap_user_certificate (string)" msgid "passkey_verification (string)" msgstr "ldap_user_certificate (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "ldap_user_certificate (string)" msgid "user_verification (boolean)" msgstr "ldap_user_certificate (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -1012,7 +1019,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -1026,7 +1033,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1043,12 +1050,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "SECCIONS DELS SERVEIS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1061,22 +1068,22 @@ msgstr "" "quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Opcions de configuració del servei general" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Es poden utilitzar aquestes opcions per configurar qualsevol servei." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1086,17 +1093,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1106,19 +1113,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 300" msgid "Default: 60, KCM: 300" msgstr "Per defecte: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1129,14 +1136,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1144,46 +1151,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Per defecte: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "offline_timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "offline_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1192,66 +1199,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 300" msgid "Default: 3600" msgstr "Per defecte: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "offline_timeout + random_offset" msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 #, fuzzy #| msgid "offline_timeout + random_offset" msgid "[0 - offline_timeout_random_offset]" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 300" msgid "Default: 30" msgstr "Per defecte: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1263,30 +1270,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Per defecte: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "Opcions de configuració de l'NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1294,12 +1301,12 @@ msgstr "" "Service Switch)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1308,17 +1315,17 @@ msgstr "" "(peticions d'informació sobre tots els usuaris)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Per defecte: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1329,7 +1336,7 @@ msgstr "" "valor entry_cache_timeout per al domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1345,7 +1352,7 @@ msgstr "" "peticions que esperen per a una actualització de la memòria cau." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1358,17 +1365,17 @@ msgstr "" "(0 desactiva aquesta característica)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Per defecte: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1380,17 +1387,17 @@ msgstr "" "altra vegada." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Per defecte: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1398,17 +1405,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1417,7 +1424,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1426,17 +1433,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Per defecte: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1444,12 +1451,12 @@ msgstr "" "aquesta opció a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1458,7 +1465,7 @@ msgstr "" "si no se n'especifica cap explícitament amb el proveïdor de dades del domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1466,7 +1473,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1476,25 +1483,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Per defecte: sense establir (cap substitució per als directoris inicials no " "establerts)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1505,18 +1512,18 @@ msgstr "" "pot configurar ja sigui en la secció [nss] o per cada domini." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Per defecte: sense establir (SSSD utilitzarà el valor recuperat del LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1524,31 +1531,31 @@ msgstr "" "d'avaluació és:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Si el shell està present al <quote>/etc/shells</quote>, s'utilitza." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1556,117 +1563,117 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Per defecte: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_timeout (integer)" msgstr "enum_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_passwd (integer)" msgstr "enum_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1674,27 +1681,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "Per defecte: 8" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_group (integer)" msgstr "enum_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1702,21 +1709,21 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Per defecte: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_initgroups (integer)" msgstr "enum_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1724,14 +1731,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "enum_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1740,12 +1747,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "user_attributes (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1756,45 +1763,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>permit</quote>" msgid "Default: <quote>*</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1803,12 +1810,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "Opcions de configuració del PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1817,12 +1824,12 @@ msgstr "" "(Pluggable Authentication Module)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1832,17 +1839,17 @@ msgstr "" "de sessió)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1851,12 +1858,12 @@ msgstr "" "fallits es permet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1866,7 +1873,7 @@ msgstr "" "possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1874,17 +1881,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Per defecte: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1893,45 +1900,45 @@ msgstr "" "l'autenticació. Com més gran sigui el nombre més missatges es mostren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "L'sssd actualment admet els següents valors:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostris cap missatge" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: Mostra només missatges importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: Mostra missatges informatius" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: Mostra tots els missatges i informació de depuració" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Per defecte: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "ad_access_filter (string)" msgid "pam_response_filter (string)" msgstr "ad_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1940,51 +1947,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1995,23 +2002,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2023,7 +2030,7 @@ msgstr "" "l'última informació." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2037,17 +2044,17 @@ msgstr "" "excessives al proveïdor d'identitat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2055,32 +2062,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Per defecte: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2090,75 +2097,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "pam_public_domains (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Per defecte: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2166,19 +2173,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2186,48 +2193,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 #, fuzzy #| msgid "ldap_chpass_update_last_change (bool)" msgid "pam_passkey_auth (bool)" msgstr "ldap_chpass_update_last_change (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Per defecte: True" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Per defecte: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2235,36 +2242,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "ldap_user_certificate (string)" msgid "pam_cert_verification (string)" msgstr "ldap_user_certificate (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2274,7 +2281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, fuzzy, no-wrap #| msgid "" #| "ad_gpo_map_service = +my_pam_service\n" @@ -2287,63 +2294,63 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "pam_id_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "ad_gpo_map_service (string)" msgid "pam_p11_allowed_services (string)" msgstr "ad_gpo_map_service (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2351,7 +2358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2363,63 +2370,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2427,12 +2434,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2443,7 +2450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2451,7 +2458,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2459,7 +2466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2468,47 +2475,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2517,19 +2524,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 #, fuzzy #| msgid "ad_gpo_map_service (string)" msgid "pam_gssapi_services" msgstr "ad_gpo_map_service (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 #, fuzzy #| msgid "Comma separated list of users who are allowed to log in." msgid "" @@ -2539,13 +2546,13 @@ msgstr "" "Llista separada per comes dels usuaris a qui se'ls permet iniciar la sessió." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2553,7 +2560,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, fuzzy, no-wrap #| msgid "" #| "ad_gpo_map_service = +my_pam_service\n" @@ -2566,22 +2573,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2589,19 +2596,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2609,7 +2616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2624,7 +2631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2632,45 +2639,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, fuzzy, no-wrap #| msgid "" #| "ad_gpo_map_permit = +my_pam_service, -sudo\n" @@ -2683,7 +2690,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2691,7 +2698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 #, fuzzy #| msgid "Default: not set (no substitution for unset home directories)" msgid "Default: not set (use of authentication indicators is not required)" @@ -2700,12 +2707,12 @@ msgstr "" "establerts)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "Opcions de configuració de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2723,24 +2730,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2750,23 +2757,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" "Es poden utilitzar aquestes opcions per configurar el servei de l'autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2774,51 +2781,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "Es poden utilitzar aquestes opcions per configurar el servei de l'SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleà)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "Per defecte: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2827,12 +2834,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2842,7 +2849,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2850,7 +2857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2859,38 +2866,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "Opcions de configuració del contestador del PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2901,7 +2908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2912,25 +2919,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" "Es poden utilitzar aquestes opcions per configurar el contestador del PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2938,7 +2945,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 #, fuzzy #| msgid "" #| "Default: 0 (only the root user is allowed to access the InfoPipe " @@ -2951,12 +2958,12 @@ msgstr "" "contestador de l'InfoPipe)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 #, fuzzy #| msgid "" #| "Please note that although the UID 0 is used as the default it will be " @@ -2975,7 +2982,7 @@ msgstr "" "també cal afegir 0 a la llista dels UID permesos." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2984,26 +2991,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "ldap_schema (string)" msgid "pac_check (string)" msgstr "ldap_schema (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -3014,24 +3021,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -3039,24 +3046,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -3068,7 +3075,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3079,41 +3086,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -3126,19 +3133,19 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3148,66 +3155,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3215,17 +3222,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3233,7 +3240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3242,65 +3249,65 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "simple_deny_users (string)" msgid "exclude_users (string)" msgstr "simple_deny_users (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No users excluded." msgstr "Per defecte: buit, és a dir, s'utilitza ldap_uri." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "simple_deny_groups (string)" msgid "exclude_groups (string)" msgstr "simple_deny_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No groups excluded." msgstr "Per defecte: buit, és a dir, s'utilitza ldap_uri." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "SECCIONS DE DOMINI" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3310,12 +3317,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3324,14 +3331,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3340,31 +3347,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3373,7 +3380,7 @@ msgstr "" "fora d'aquests límits, s'ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3386,24 +3393,24 @@ msgstr "" "com s'esperava." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Per defecte: 1 per a min_id, 0 (sense límit) per a max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3412,36 +3419,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Els usuaris i grups s'enumeren" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Cap enumeració per a aquest domini" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Per defecte: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3455,7 +3462,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3465,7 +3472,7 @@ msgstr "" "finalitzi." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3479,14 +3486,14 @@ msgstr "" "ús." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3494,32 +3501,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3528,12 +3535,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3542,7 +3549,7 @@ msgstr "" "demanar al rerefons una altra vegada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3553,139 +3560,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Per defecte: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "Per defecte: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3694,17 +3701,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3716,18 +3723,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "Per defecte: 0 (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3738,7 +3745,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3747,12 +3754,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3760,19 +3767,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3785,17 +3792,17 @@ msgstr "" "ha de ser superior o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Per defecte: 0 (sense límit)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3804,28 +3811,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Per defecte: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3833,7 +3840,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3841,8 +3848,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 #, fuzzy #| msgid "" #| "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " @@ -3858,8 +3865,8 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3867,19 +3874,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3892,7 +3899,7 @@ msgstr "" "l'usuari mentre que <command>getent passwd test@LOCAL</command> sí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3900,24 +3907,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3929,7 +3936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3937,23 +3944,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3962,7 +3969,7 @@ msgstr "" "d'autenticació suportats són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3973,7 +3980,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configuració d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3984,7 +3991,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -3992,12 +3999,12 @@ msgstr "" "de PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> impossibilita l'autenticació explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -4006,12 +4013,12 @@ msgstr "" "gestionar les sol·licituds d'autenticació." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -4022,19 +4029,19 @@ msgstr "" "instal·lats) Els proveïdors especials interns són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> sempre denega l'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4047,7 +4054,7 @@ msgstr "" "configuració del mòdul d'accés simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4055,22 +4062,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "Per defecte: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4079,7 +4086,7 @@ msgstr "" "al domini. Els proveïdors de canvi de contrasenya compatibles són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4087,7 +4094,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4098,7 +4105,7 @@ msgstr "" "manvolnum></citerefentry> per a més informació sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -4106,12 +4113,12 @@ msgstr "" "objectiu PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> rebutja els canvis de contrasenya explícitament." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4120,17 +4127,17 @@ msgstr "" "gestionar peticions de canvi de contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4138,32 +4145,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4174,7 +4181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4183,12 +4190,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4196,7 +4203,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4204,31 +4211,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4236,7 +4243,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4245,17 +4252,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4263,36 +4270,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4300,7 +4307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4308,7 +4315,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4316,24 +4323,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4341,31 +4348,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4373,7 +4380,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4382,12 +4389,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4397,24 +4404,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4423,19 +4430,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4445,17 +4452,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Per defecte: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4464,76 +4471,76 @@ msgstr "" "realitzar cerques de DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "Valors admesos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta resoldre l'adreça IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Intenta resoldre només noms màquina a adreces IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta resoldre l'adreça IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Intenta resoldre només noms màquina a adreces IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "Per defecte: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "Per defecte: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4541,17 +4548,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Per defecte: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4560,14 +4567,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4575,7 +4582,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4583,17 +4590,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Per defecte: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4602,19 +4609,19 @@ msgstr "" "del domini de la consulta DNS del servei de descobriment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "Per defecte: Utilitza la part del domini del nom de màquina" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "pam_id_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4622,59 +4629,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Per defecte: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4682,14 +4689,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -4702,17 +4709,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4720,130 +4727,130 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "ldap_search_timeout (integer)" msgid "ldap_search_timeout" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "ldap_network_timeout (integer)" msgid "ldap_network_timeout" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_offline_timeout" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 #, fuzzy #| msgid "ldap_purge_cache_timeout" msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 #, fuzzy #| msgid "ldap_krb5_ticket_lifetime (integer)" msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "ldap_enumeration_search_timeout (integer)" msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 #, fuzzy #| msgid "case_sensitive (string)" msgid "case_sensitive" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4853,27 +4860,27 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4883,34 +4890,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Per defecte: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4919,19 +4926,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4939,14 +4946,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4958,7 +4965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4970,7 +4977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4978,46 +4985,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy = match (default)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 #, fuzzy #| msgid "gdm-smartcard" msgid "Smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5026,7 +5033,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5037,7 +5044,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 #, fuzzy #| msgid "" #| "The following example shows a minimal idmapd.conf which makes use of the " @@ -5051,38 +5058,38 @@ msgstr "" "sss. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: cn" msgid "Default: match" msgstr "Per defecte: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5091,24 +5098,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5118,14 +5125,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5133,21 +5140,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5155,7 +5162,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5164,7 +5171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5173,7 +5180,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -5184,17 +5191,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "El servidor intermediari on reenvia PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 #, fuzzy #| msgid "" #| "Default: not set by default, you have to take an existing pam " @@ -5208,12 +5215,12 @@ msgstr "" "de pam existent o crear-ne una de nova i afegir aquí el nom del servei." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -5224,12 +5231,12 @@ msgstr "" "format _nss_$(libName)_$(function), per exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -5237,12 +5244,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -5251,12 +5258,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -5264,7 +5271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -5273,12 +5280,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -5295,7 +5302,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -5303,17 +5310,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -5322,7 +5329,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -5332,7 +5339,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -5352,12 +5359,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5368,69 +5375,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5443,7 +5450,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5451,7 +5458,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5460,55 +5467,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5517,17 +5525,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5535,26 +5543,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5563,17 +5571,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5583,7 +5591,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5592,59 +5600,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5653,7 +5661,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5662,7 +5670,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5673,17 +5681,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5691,39 +5699,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -5736,7 +5744,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5745,7 +5753,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5753,12 +5761,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, fuzzy, no-wrap #| msgid "" #| "[sssd]\n" @@ -5836,7 +5844,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5845,7 +5853,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5853,7 +5861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5864,7 +5872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5875,7 +5883,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -6172,8 +6180,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -6182,75 +6199,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "El vincle DN per defecte per utilitzar en realitzar les operacions d'LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "El tipus de testimoni d'autenticació del vincle DN per defecte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "Els dos mecanismes suportats actualment són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "contrasenya" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "Per defecte: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6263,24 +6280,24 @@ msgstr "" "voleu utilitzar un àmbit en majúscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6291,7 +6308,7 @@ msgstr "" "los per estalviar espai." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6300,12 +6317,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6317,7 +6334,7 @@ msgstr "" "RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6327,7 +6344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6337,67 +6354,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "Per defecte: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6405,7 +6422,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6413,12 +6430,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6426,12 +6443,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6448,12 +6465,12 @@ msgstr "" "manvolnum></citerefentry> retorna en cas de cap activitat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6462,12 +6479,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6476,7 +6493,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6487,38 +6504,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "Per defecte: 900 (15 minuts)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_expire_timeout (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6526,29 +6543,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6556,14 +6573,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6571,17 +6588,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6591,12 +6608,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6604,17 +6621,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6622,12 +6639,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6635,7 +6652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6646,7 +6663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6655,7 +6672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6663,12 +6680,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6676,7 +6693,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6684,12 +6701,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6699,7 +6716,7 @@ msgstr "" "valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6708,7 +6725,7 @@ msgstr "" "certificat del servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6720,7 +6737,7 @@ msgstr "" "normalment." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6731,7 +6748,7 @@ msgstr "" "proporciona un certificat dolent, immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6742,22 +6759,22 @@ msgstr "" "immediatament s'acaba la sessió." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "Per defecte: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6766,7 +6783,7 @@ msgstr "" "Certificació que reconeixerà l'<command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6775,12 +6792,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -6802,32 +6819,32 @@ msgstr "" "correctes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6835,12 +6852,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 #, fuzzy #| msgid "" #| "Specifies that the id_provider connection must also use <systemitem " @@ -6854,12 +6871,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> per a protegir el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6867,17 +6884,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6888,24 +6905,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6916,12 +6933,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6934,7 +6951,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6946,17 +6963,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6964,51 +6981,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "Per defecte: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Per defecte: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Per defecte: Fitxer keytab de sistema, normalment <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -7016,28 +7033,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Per defecte: 86400 (24 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7049,7 +7066,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7060,7 +7077,7 @@ msgstr "" "retorna a _tcp si no se'n troba cap." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7072,41 +7089,41 @@ msgstr "" "<quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Per defecte: Paràmetres predeterminats del sistema, vegeu <filename>/etc/" "krb5.conf</filename>" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7116,7 +7133,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7124,12 +7141,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7138,7 +7155,7 @@ msgstr "" "costat del client. S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7147,7 +7164,7 @@ msgstr "" "opció no inhabilita les polítiques de contrasenya de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -7156,7 +7173,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7168,25 +7185,25 @@ msgstr "" "contrasenya." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguiment automàtic del referenciador s'hauria d'habilitar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7195,7 +7212,7 @@ msgstr "" "quan es compila amb la versió 2.4.13 o superiors d'OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7208,29 +7225,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nom de servei per utilitzar quan està habilitada la detecció " "de serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "Per defecte: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7240,25 +7257,25 @@ msgstr "" "dels serveis." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Defecte: no definit, és a dir, el descobriment de serveis està inhabilitat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -7267,12 +7284,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7288,12 +7305,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Exemple:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7302,14 +7319,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7318,17 +7335,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "Per defecte: Buit" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7337,7 +7354,7 @@ msgstr "" "d'atributs de control d'accés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7349,12 +7366,12 @@ msgstr "" "contrasenya és correcta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "S'admeten els valors següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7363,7 +7380,7 @@ msgstr "" "determinar si el compte ha caducat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7372,7 +7389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7380,7 +7397,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7389,7 +7406,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7397,24 +7414,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Llista separada per comes d'opcions de control d'accés. Els valors permesos " "són:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: utilitza ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7424,14 +7441,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7444,12 +7461,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7459,31 +7476,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -7491,7 +7508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7500,31 +7517,31 @@ msgstr "" "authorizedService per determinar l'accés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Per defecte: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7533,12 +7550,12 @@ msgstr "" "s'utilitza més d'una vegada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7547,22 +7564,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple: cn=ppolicy,ou=policies,dc=exemple,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Per defecte: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7571,13 +7588,13 @@ msgstr "" "es fa una cerca. S'admeten les opcions següents:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: les referències dels àlies mai són eliminades." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7587,7 +7604,7 @@ msgstr "" "de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7596,7 +7613,7 @@ msgstr "" "només en localitzar l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7605,7 +7622,7 @@ msgstr "" "en la recerca i en la localització de l'objecte base de la cerca." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7614,19 +7631,19 @@ msgstr "" "biblioteques de client LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7637,7 +7654,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7645,64 +7662,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "debug_level (integer)" msgid "ldap_library_debug_level (integer)" msgstr "debug_level (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 #, fuzzy #| msgid "Default: 0 (disabled)" msgid "Default: 0 (libldap debugging disabled)" msgstr "Per defecte: 0 (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "ldap_id_mapping (boolean)" msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_id_mapping (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7710,14 +7727,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7740,12 +7757,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "OPCIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7753,43 +7770,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "Per defecte: 21600 (6 hores)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7797,14 +7814,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7814,21 +7831,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_idmap_range_size (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7836,7 +7853,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7844,106 +7861,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7952,59 +7969,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "OPCIONS D'AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "Per defecte: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "OPCIONS AVANÇADES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8013,22 +8030,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8037,14 +8054,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8055,7 +8072,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8068,27 +8085,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8104,13 +8121,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -10482,7 +10499,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booleà)" @@ -10497,7 +10514,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10512,12 +10529,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10538,12 +10555,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10567,17 +10584,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10585,19 +10602,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 #, fuzzy #| msgid "dyndns_iface (string)" msgid "dyndns_auth_ptr (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -10605,7 +10622,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -10632,7 +10649,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (enter)" @@ -10645,12 +10662,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10664,7 +10681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -10676,60 +10693,77 @@ msgid "Default: False (disabled)" msgstr "Per defecte: False (inhabilitat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10737,185 +10771,251 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: not set (no substitution for unset home directories)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "" +"Per defecte: sense establir (cap substitució per als directoris inicials no " +"establerts)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_iface (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "ldap_access_order (string)" msgid "ipa_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 #, fuzzy #| msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "<emphasis>expire</emphasis>: utilitza ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "Per defecte: Utilitza el DN base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 #, fuzzy #| msgid "ipa_subdomains_search_base (string)" msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subdomains_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 #, fuzzy #| msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "Per defecte: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10923,34 +11023,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "Per defecte: 5 (segons)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10958,12 +11058,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (enter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10971,33 +11071,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -11005,59 +11105,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "ipa_view_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "Per defecte: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "ipa_view_name (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -11065,128 +11165,128 @@ msgid "Default: cn" msgstr "Per defecte: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "Per defecte: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "Per defecte: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "Per defecte: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "Per defecte: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -11196,19 +11296,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "PROVEÏDOR DELS SUBDOMINIS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -11216,7 +11316,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -11228,12 +11328,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -11241,7 +11341,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -11251,80 +11351,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -11338,7 +11438,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11350,7 +11450,7 @@ msgstr "" "específiques del proveïdor IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -12506,6 +12606,11 @@ msgstr "ldap_sudo_include_netgroups (booleà)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -12516,7 +12621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -12531,7 +12636,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -12543,7 +12648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -12554,19 +12659,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "Per defecte: 3600 (segons)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -12576,7 +12681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -12584,7 +12689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -12608,7 +12713,7 @@ msgstr "" "ad_domain = exemple.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -12620,7 +12725,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -12628,7 +12733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -12638,7 +12743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -18545,7 +18650,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -18690,7 +18795,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/cs.po b/src/man/po/cs.po index def0eb2577f..03a24e9c7ff 100644 --- a/src/man/po/cs.po +++ b/src/man/po/cs.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2024-09-02 11:38+0000\n" "Last-Translator: Jan Kalabza <jan.kalabza@gmail.com>\n" "Language-Team: Czech <https://translate.fedoraproject.org/projects/sssd/sssd-" @@ -135,17 +135,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -153,7 +153,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -162,7 +162,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -175,39 +175,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "OBECNÉ VOLBY" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "Volby použitelné ve všech sekcích" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (celé kladné číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "debug (celé kladné číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -216,62 +216,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Výchozí: true (pravda)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Výchozí: false (nepravda)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -281,15 +281,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -301,17 +301,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Volby použitelné v sekcích SERVICE a DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (celé kladné číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -319,33 +319,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Výchozí: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "Sekce [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Parametry sekce" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "služby" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -354,7 +354,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -363,7 +363,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -371,12 +371,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domény" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -387,19 +387,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -407,12 +407,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (řetězec)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -420,58 +420,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "uživatelské jméno" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." @@ -480,12 +480,12 @@ msgstr "" "zapotřebí aktualizovat svůj vestavěný překlad DNS názvů." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -493,7 +493,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -501,26 +501,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (řetězec)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -529,26 +529,26 @@ msgstr "" "replay." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -556,14 +556,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -573,17 +573,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -593,7 +600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -606,8 +613,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -615,12 +622,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -630,7 +637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -639,22 +646,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "Výchozí: nenastaveno (mezery nebudou nahrazovány)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -662,12 +669,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -675,61 +682,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -737,12 +744,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -750,24 +757,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -776,12 +783,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -790,7 +797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -798,58 +805,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -860,7 +867,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -878,18 +885,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -897,12 +904,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -910,24 +917,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -935,7 +942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -943,7 +950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -954,12 +961,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -968,22 +975,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -993,17 +1000,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1013,19 +1020,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 200000" msgid "Default: 60, KCM: 300" msgstr "Výchozí: 200000" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1036,14 +1043,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1051,46 +1058,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Výchozí: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "ldap_idmap_range_max (integer)" msgid "offline_timeout_max (integer)" msgstr "ldap_idmap_range_max (celé číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1099,62 +1106,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 200000" msgid "Default: 3600" msgstr "Výchozí: 200000" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "offline_timeout_random_offset (integer)" msgstr "ldap_idmap_range_size (celé číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "Výchozí: 30" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1166,58 +1173,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Výchozí: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1228,7 +1235,7 @@ msgstr "" "doménu." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1238,7 +1245,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1247,17 +1254,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Výchozí: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1265,17 +1272,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Výchozí: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1283,17 +1290,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1302,7 +1309,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1311,41 +1318,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1353,23 +1360,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "příklad: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1377,47 +1384,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1425,74 +1432,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1501,39 +1508,39 @@ msgstr "" "platný." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1541,27 +1548,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "memcache_size_group (integer)" msgstr "ldap_idmap_range_size (celé číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1569,19 +1576,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1589,14 +1596,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "memcache_size_sid (integer)" msgstr "ldap_idmap_range_size (celé číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1605,12 +1612,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1621,43 +1628,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1666,60 +1673,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1727,59 +1734,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Výchozí: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1788,51 +1795,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1843,23 +1850,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1867,7 +1874,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1876,17 +1883,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "Zobrazit varování N dnů před skončením platnosti hesla." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1894,32 +1901,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1929,75 +1936,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Výchozí: nic" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2005,19 +2012,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2025,46 +2032,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Výchozí: true (pravda)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Výchozí: false (nepravda)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2072,34 +2079,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "Výchozí:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2109,7 +2116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2117,63 +2124,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "Kolik sekund bude pam_sss čekat na dokončení p11_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "timeout (celé kladné číslo)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "simple_allow_users (string)" msgid "pam_p11_allowed_services (string)" msgstr "simple_allow_users (řetězec)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2181,7 +2188,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2193,63 +2200,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "přihlášení" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2257,12 +2264,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2273,7 +2280,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2281,7 +2288,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2289,7 +2296,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2298,47 +2305,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "vždy" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "nikdy" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2347,30 +2354,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2378,7 +2385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2386,22 +2393,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Příklad: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2409,19 +2416,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2429,7 +2436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2444,7 +2451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2452,45 +2459,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2498,7 +2505,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2506,17 +2513,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2527,24 +2534,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2554,22 +2561,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2577,22 +2584,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2601,12 +2608,12 @@ msgstr "" "zaheslovat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2615,17 +2622,17 @@ msgstr "" "byly vyžádány klíče hostitele." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2634,12 +2641,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2649,7 +2656,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2657,7 +2664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2666,38 +2673,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2708,7 +2715,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2719,24 +2726,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2744,19 +2751,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2765,7 +2772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2774,26 +2781,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "krb5_rcache_dir (string)" msgid "pac_check (string)" msgstr "krb5_rcache_dir (řetězec)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2804,24 +2811,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2829,24 +2836,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2858,7 +2865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2869,60 +2876,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2932,49 +2939,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "\"vše\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Všichni uživatelé jsou zaznamenáni." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -2983,17 +2990,17 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3004,17 +3011,17 @@ msgstr "" "mezer, změně velikosti písmen, atd." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3025,7 +3032,7 @@ msgstr "" "nahrazení mezer, změn velikosti písmen, atd." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3034,61 +3041,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "simple_deny_users (string)" msgid "exclude_users (string)" msgstr "simple_deny_users (řetězec)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "simple_deny_groups (string)" msgid "exclude_groups (string)" msgstr "simple_deny_groups (řetězec)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3098,12 +3105,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3112,14 +3119,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3128,38 +3135,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3168,24 +3175,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3194,36 +3201,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3237,14 +3244,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3253,14 +3260,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3268,32 +3275,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3302,19 +3309,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3325,108 +3332,108 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3435,31 +3442,31 @@ msgstr "" "dlouhou dobu ponechávat klíč hostitel v mezipaměti." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3468,17 +3475,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3490,18 +3497,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3512,7 +3519,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3521,12 +3528,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3538,19 +3545,19 @@ msgstr "" "otisk do mezipaměti." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3559,17 +3566,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3578,28 +3585,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3607,7 +3614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3615,8 +3622,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3624,8 +3631,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3633,19 +3640,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3654,7 +3661,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3662,24 +3669,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3691,7 +3698,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3699,30 +3706,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3730,7 +3737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3738,30 +3745,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3769,19 +3776,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3790,7 +3797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3798,29 +3805,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3828,7 +3835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3836,35 +3843,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3872,32 +3879,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3908,7 +3915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3917,12 +3924,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3930,7 +3937,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3938,31 +3945,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3970,7 +3977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3979,17 +3986,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3997,36 +4004,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4034,7 +4041,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4042,7 +4049,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4050,24 +4057,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4075,31 +4082,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4107,7 +4114,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4116,12 +4123,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4131,7 +4138,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" @@ -4140,17 +4147,17 @@ msgstr "" # auto translated by TM merge from project: Fedora Websites, version: # fedorahosted.org, DocId: po/fedorahosted #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4159,19 +4166,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4181,93 +4188,93 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "dns_resolver_timeout" msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4275,17 +4282,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Výchozí: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4294,14 +4301,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_timeout" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4309,7 +4316,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4317,38 +4324,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 #, fuzzy #| msgid "Default: 3" msgid "Default: TRUE" msgstr "Výchozí: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "failover_primary_timeout (integer)" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4356,59 +4363,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Výchozí: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4416,31 +4423,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4448,120 +4455,120 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "dns_resolver_timeout" msgid "ldap_search_timeout" msgstr "dns_resolver_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "dns_resolver_timeout" msgid "ldap_network_timeout" msgstr "dns_resolver_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "ldap_opt_timeout" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "dns_resolver_timeout" msgid "ldap_offline_timeout" msgstr "dns_resolver_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "ldap_enumeration_refresh_timeout" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "ldap_enumeration_search_timeout" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "ldap_connection_expire_timeout" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "ldap_connection_expire_offset" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4569,27 +4576,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4599,34 +4606,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "Různé štítky uložené službou nastavování realmd pro tuto doménu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4635,19 +4642,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4655,14 +4662,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "simple_deny_users (string)" msgid "local_auth_policy (string)" msgstr "simple_deny_users (řetězec)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4674,7 +4681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4686,7 +4693,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4694,44 +4701,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "simple_deny_users (string)" msgid "local_auth_policy = match (default)" msgstr "simple_deny_users (řetězec)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4740,7 +4747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4751,7 +4758,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4759,38 +4766,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: 3" msgid "Default: match" msgstr "Výchozí: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4799,24 +4806,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4826,14 +4833,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4841,21 +4848,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4863,7 +4870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4872,7 +4879,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4881,7 +4888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4889,17 +4896,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4907,12 +4914,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4920,12 +4927,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4933,12 +4940,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4947,12 +4954,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4960,19 +4967,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4989,7 +4996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4997,17 +5004,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -5016,7 +5023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -5026,7 +5033,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -5046,12 +5053,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5062,69 +5069,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5137,7 +5144,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5145,7 +5152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5154,55 +5161,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5211,17 +5219,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5229,26 +5237,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5257,17 +5265,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5277,7 +5285,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5286,59 +5294,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5347,7 +5355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5356,7 +5364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5367,17 +5375,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5385,46 +5393,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5433,7 +5441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5441,12 +5449,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5475,7 +5483,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5484,7 +5492,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5492,7 +5500,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5503,7 +5511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5514,7 +5522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5784,8 +5792,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5794,76 +5811,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" # auto translated by TM merge from project: FreeIPA, version: ipa-4-5, DocId: # po/ipa #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "heslo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5872,24 +5889,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5897,7 +5914,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5906,12 +5923,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5919,7 +5936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5929,7 +5946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5939,67 +5956,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6007,7 +6024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6015,12 +6032,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6028,12 +6045,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6044,12 +6061,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6058,12 +6075,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6072,7 +6089,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6083,38 +6100,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "dns_resolver_op_timeout" msgid "ldap_connection_idle_timeout (integer)" msgstr "dns_resolver_op_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6122,29 +6139,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6152,14 +6169,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6167,17 +6184,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6187,12 +6204,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6200,17 +6217,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6218,12 +6235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6231,7 +6248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6242,7 +6259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6251,7 +6268,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6259,12 +6276,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6272,7 +6289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6280,26 +6297,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6307,7 +6324,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6315,7 +6332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6323,41 +6340,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6367,32 +6384,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6400,12 +6417,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6413,12 +6430,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6426,17 +6443,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6447,24 +6464,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6475,12 +6492,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6493,7 +6510,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6505,17 +6522,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6523,49 +6540,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6573,28 +6590,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6606,7 +6623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6614,7 +6631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6622,39 +6639,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6664,7 +6681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6672,26 +6689,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6700,7 +6717,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6708,31 +6725,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6745,51 +6762,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6798,12 +6815,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6819,12 +6836,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6833,14 +6850,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6849,24 +6866,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6874,19 +6891,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6895,7 +6912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6903,7 +6920,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6912,7 +6929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6920,22 +6937,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6945,14 +6962,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6965,12 +6982,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6980,31 +6997,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -7012,50 +7029,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7064,67 +7081,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7133,7 +7150,7 @@ msgstr "" "používají schéma dle normy RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7144,7 +7161,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7152,60 +7169,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_library_debug_level (integer)" msgstr "ldap_idmap_range_size (celé číslo)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7213,14 +7230,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_idmap_range_size (celé číslo)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7243,12 +7260,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7256,43 +7273,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7300,14 +7317,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7317,21 +7334,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_idmap_range_size (celé číslo)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7339,7 +7356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7347,106 +7364,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7455,59 +7472,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "Název v LDAP hlavní mapy pro automatické připojování." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7516,22 +7533,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7540,14 +7557,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7555,7 +7572,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7568,27 +7585,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7604,13 +7621,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9882,7 +9899,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9897,7 +9914,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9912,12 +9929,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9938,12 +9955,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9967,17 +9984,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9985,17 +10002,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -10003,7 +10020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -10030,7 +10047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -10043,12 +10060,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10062,7 +10079,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -10074,60 +10091,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10135,181 +10169,243 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "krb5_rcache_dir (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "krb5_rcache_dir (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "simple_deny_users (string)" +msgid "dyndns_dot_cert (string)" +msgstr "simple_deny_users (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "simple_deny_users (string)" +msgid "dyndns_dot_key (string)" +msgstr "simple_deny_users (řetězec)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "krb5_rcache_dir (string)" msgid "ipa_access_order (string)" msgstr "krb5_rcache_dir (řetězec)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 #, fuzzy #| msgid "simple_deny_users (string)" msgid "ipa_subid_ranges_search_base (string)" msgstr "simple_deny_users (řetězec)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10317,34 +10413,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10352,12 +10448,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10365,33 +10461,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10399,59 +10495,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10459,128 +10555,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10590,19 +10686,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10610,7 +10706,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10622,12 +10718,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10635,7 +10731,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10645,80 +10741,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10732,7 +10828,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10740,7 +10836,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11866,6 +11962,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11876,7 +11977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11891,7 +11992,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11903,7 +12004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11914,19 +12015,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11936,7 +12037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11944,7 +12045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11959,7 +12060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11968,7 +12069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11976,7 +12077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11986,7 +12087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17564,7 +17665,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17711,7 +17812,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/de.po b/src/man/po/de.po index 98c7372e419..6d55376432e 100644 --- a/src/man/po/de.po +++ b/src/man/po/de.po @@ -10,7 +10,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2021-02-02 14:40+0000\n" "Last-Translator: Sumit Bose <sbose@redhat.com>\n" "Language-Team: German <https://translate.fedoraproject.org/projects/sssd/" @@ -138,19 +138,19 @@ msgstr "" #| "<filename>sssd.conf</filename> must be a regular file, owned by root and " #| "only root may read from or write to the file." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> muss eine normale Datei sein, die Root gehört " "und die nur von Root gelesen oder geschrieben werden darf." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -158,7 +158,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -167,7 +167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -180,40 +180,40 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "ALLGEMEINE OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" "Die folgenden Optionen sind in mehreren Konfigurationsabschnitten verfügbar." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "In allen Abschnitten verfügbare Optionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -222,64 +222,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Voreinstellung: »true«" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Voreinstellung: »false«" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 #, fuzzy #| msgid "debug_microseconds (bool)" msgid "debug_backtrace_enabled (bool)" msgstr "debug_microseconds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -289,15 +289,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -309,17 +309,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "In den Abschnitten SERVICE und DOMAIN verwendbare Optionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -327,33 +327,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Voreinstellung: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "BESONDERE ABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "Der Abschnitt [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Abschnittsparameter" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "Dienste" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -362,7 +362,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 #, fuzzy #| msgid "" #| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</" @@ -383,7 +383,7 @@ msgstr "" "condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -391,12 +391,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "Domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -407,12 +407,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." @@ -422,7 +422,7 @@ msgstr "" "werden sollen." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -430,12 +430,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -447,32 +447,32 @@ msgstr "" "zusammengestellt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "Domain-Name, wie er durch die SSSD-Konfigurationsdatei angegeben wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -481,7 +481,7 @@ msgstr "" "direkt konfiguriert als auch über IPA-Trust" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -490,31 +490,31 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -522,7 +522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -533,7 +533,7 @@ msgstr "" "sollte diese Option auf »false« gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -542,7 +542,7 @@ msgstr "" "»false« auf anderen Plattformen." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -551,12 +551,12 @@ msgstr "" "verfügbar ist, keine Auswirkungen haben." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -564,7 +564,7 @@ msgstr "" "Verzeichnis im Dateisystem, in welchem SSSD den Kerberos Replay-Cache ablegt." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -574,7 +574,7 @@ msgstr "" "Ort für den Replay-Zwischenspeicher ist." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -583,12 +583,12 @@ msgstr "" "(__LIBKRB5_DEFAULTS__, falls nicht konfiguriert)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -596,14 +596,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -613,17 +613,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -639,7 +646,7 @@ msgstr "" "ihrem Benutzernamen ohne auch eine Domain anzugeben." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -652,8 +659,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -661,12 +668,12 @@ msgid "Default: not set" msgstr "Voreinstellung: nicht gesetzt" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -676,7 +683,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -685,22 +692,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -708,12 +715,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -721,61 +728,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -783,12 +790,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -796,24 +803,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 #, fuzzy #| msgid "" #| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " @@ -830,12 +837,12 @@ msgstr "" "citerefentry> beim Parameter »dns_discovery_domain«." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -844,7 +851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -852,58 +859,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -914,7 +921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -932,20 +939,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "Voreinstellung: Nicht gesetzt" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 #, fuzzy #| msgid "ipa_server_mode (boolean)" msgid "implicit_pac_responder (boolean)" msgstr "ipa_server_mode (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -953,14 +960,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 #, fuzzy #| msgid "ad_enable_gc (boolean)" msgid "core_dumpable (boolean)" msgstr "ad_enable_gc (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -968,28 +975,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "ipa_automount_location (string)" msgid "passkey_verification (string)" msgstr "ipa_automount_location (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "ipa_automount_location (string)" msgid "user_verification (boolean)" msgstr "ipa_automount_location (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -997,7 +1004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -1011,7 +1018,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1028,12 +1035,12 @@ msgstr "" "verwendet. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "DIENSTABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1046,22 +1053,22 @@ msgstr "" "Abschnitt zum Beispiel <quote>[nss]</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Allgemeine Optionen zum Konfigurieren von Diensten" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Diese Optionen können zur Konfiguration jedes Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1077,17 +1084,17 @@ msgstr "" "Begrenzung in der »limit.conf« sein." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Voreinstellung: 8192 (oder die »harte« Begrenzung der »limit.conf«)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1097,19 +1104,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 300" msgid "Default: 60, KCM: 300" msgstr "Voreinstellung: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1120,14 +1127,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1135,46 +1142,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Voreinstellung: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "offline_timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "offline_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1183,64 +1190,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 300" msgid "Default: 3600" msgstr "Voreinstellung: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "offline_timeout (integer)" msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 300" msgid "Default: 30" msgstr "Voreinstellung: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1252,30 +1259,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Voreinstellung: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "NSS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1283,12 +1290,12 @@ msgstr "" "benutzt werden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1297,17 +1304,17 @@ msgstr "" "über alle Nutzer) zwischenspeichern?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Voreinstellung: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1319,7 +1326,7 @@ msgstr "" "werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1336,7 +1343,7 @@ msgstr "" "Zwischenspeicheraktualisierung zu warten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1349,17 +1356,17 @@ msgstr "" "Sekunden senken. (0 schaltet diese Funktionalität aus.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Voreinstellung: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1371,17 +1378,17 @@ msgstr "" "Backend erneut gefragt wird)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Voreinstellung: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1389,17 +1396,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1408,7 +1415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1417,17 +1424,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Voreinstellung: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1435,12 +1442,12 @@ msgstr "" "setzen Sie diese Option auf »false«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1449,7 +1456,7 @@ msgstr "" "es nicht explizit durch den Datenanbieter der Domain angegeben wurde." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1457,7 +1464,7 @@ msgstr "" "»override_homedir«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1467,25 +1474,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Beispiel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Voreinstellung: nicht gesetzt (kein Ersetzen nicht gesetzter Home-" "Verzeichnisse)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1496,19 +1503,19 @@ msgstr "" "entweder im Abschnitt [nss] oder für jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Voreinstellung: nicht gesetzt (SSSD wird den von LDAP erhaltenen Wert " "benutzen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1516,12 +1523,12 @@ msgstr "" "Reihenfolge der Auswertung ist:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Falls die Shell in »/etc/shells« vorhanden ist, wird sie benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1530,7 +1537,7 @@ msgstr "" "shells« steht, wird der Wert des Parameters »shell_fallback« verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1539,12 +1546,12 @@ msgstr "" "steht, wird eine Nicht-Login-Shell benutzt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1552,13 +1559,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Eine leere Zeichenkette als Shell wird, so wie sie ist, an Libc übergeben." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1567,28 +1574,28 @@ msgstr "" "Fall einer neu installierten Shell ein Neustart von SSSD nötig ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Voreinstellung: nicht gesetzt. Die Benutzer-Shell wird automatisch verwendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "ersetzt jedwede Instanz dieser Shells durch die aus »shell_fallback«." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1596,17 +1603,17 @@ msgstr "" "auf dem Rechner installiert ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Voreinstellung: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1616,7 +1623,7 @@ msgstr "" "jede Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1626,12 +1633,12 @@ msgstr "" "Vernünftiges, üblicherweise /bin/sh, ersetzt.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1640,43 +1647,43 @@ msgstr "" "gültig erachtet wird." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_timeout (integer)" msgstr "enum_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_passwd (integer)" msgstr "enum_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1684,27 +1691,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_group (integer)" msgstr "enum_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1712,21 +1719,21 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Voreinstellung: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_initgroups (integer)" msgstr "enum_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1734,14 +1741,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "enum_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1750,12 +1757,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "user_attributes (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1766,38 +1773,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>permit</quote>" msgid "Default: <quote>*</quote>" msgstr "Voreinstellung: »permit«" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 #, fuzzy #| msgid "This option can also be set per-domain." msgid "" @@ -1806,7 +1813,7 @@ msgid "" msgstr "Diese Option kann auch pro Domain gesetzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1815,12 +1822,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "PAM-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1829,12 +1836,12 @@ msgstr "" "Authentication Module« (PAM) einzurichten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1844,17 +1851,17 @@ msgstr "" "erfolgreichen Anmeldung)?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1863,12 +1870,12 @@ msgstr "" "Authentifizierungsanbieter offline ist?" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1878,7 +1885,7 @@ msgstr "" "Anmeldeversuch möglich ist." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1890,17 +1897,17 @@ msgstr "" "Authentifizierung reaktivieren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Voreinstellung: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1909,45 +1916,45 @@ msgstr "" "angezeigt werden. Je höher die Zahl, desto mehr Nachrichten werden angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "Derzeit unterstützt SSSD folgende Werte:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: keine Nachricht anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: nur wichtige Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: nur informative Nachrichten anzeigen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: alle Nachrichten und Debug-Informationen anzeigen" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Voreinstellung: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "ad_access_filter (string)" msgid "pam_response_filter (string)" msgstr "ad_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1956,51 +1963,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -2011,23 +2018,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2039,7 +2046,7 @@ msgstr "" "den neusten Informationen erfolgt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2053,17 +2060,17 @@ msgstr "" "viele Abfragen der Identitätsanbieter zu vermeiden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "zeigt N Tage vor Ablauf des Passworts eine Warnung an." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2074,7 +2081,7 @@ msgstr "" "SSSD keine Warnung anzeigen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2084,7 +2091,7 @@ msgstr "" "automatisch angezeigt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2093,18 +2100,18 @@ msgstr "" "emphasis> für eine bestimmte Domain außer Kraft gesetzt werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Voreinstellung: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2114,75 +2121,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Voreinstellung: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2190,19 +2197,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2210,48 +2217,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 #, fuzzy #| msgid "ldap_chpass_update_last_change (bool)" msgid "pam_passkey_auth (bool)" msgstr "ldap_chpass_update_last_change (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Voreinstellung: True" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Voreinstellung: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2259,36 +2266,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "ipa_automount_location (string)" msgid "pam_cert_verification (string)" msgstr "ipa_automount_location (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2298,7 +2305,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, fuzzy, no-wrap #| msgid "" #| "fallback_homedir = /home/%u\n" @@ -2311,63 +2318,63 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "pam_id_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "simple_allow_users (string)" msgid "pam_p11_allowed_services (string)" msgstr "simple_allow_users (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2375,7 +2382,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2387,63 +2394,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2451,12 +2458,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2467,7 +2474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2475,7 +2482,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2483,7 +2490,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2492,47 +2499,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2541,17 +2548,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 #, fuzzy #| msgid "Comma separated list of users who are allowed to log in." msgid "" @@ -2560,13 +2567,13 @@ msgid "" msgstr "Durch Kommata getrennte Liste von Benutzern, die sich anmelden dürfen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2574,7 +2581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, fuzzy, no-wrap #| msgid "" #| "fallback_homedir = /home/%u\n" @@ -2587,22 +2594,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2610,19 +2617,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2630,7 +2637,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2645,7 +2652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2653,45 +2660,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2699,7 +2706,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2707,7 +2714,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 #, fuzzy #| msgid "Default: not set (no substitution for unset home directories)" msgid "Default: not set (use of authentication indicators is not required)" @@ -2716,12 +2723,12 @@ msgstr "" "Verzeichnisse)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "Sudo-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2739,12 +2746,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2754,12 +2761,12 @@ msgstr "" "nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2769,23 +2776,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "AUTOFS-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" "Diese Optionen können zum Konfigurieren des Dienstes »autofs« benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2796,23 +2803,23 @@ msgstr "" "nicht existierende), bevor das Backend erneut befragt wird." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "SSH-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" "Diese Optionen können zum Konfigurieren des SSH-Dienstes benutzt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (Boolesch)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2821,12 +2828,12 @@ msgstr "" "»known_hosts« zusammengemischt werden oder nicht." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2835,17 +2842,17 @@ msgstr "" "»known_hosts« behalten wird, bevor seine Rechnerschlüssel abgefragt werden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "Voreinstellung: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2854,12 +2861,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2869,7 +2876,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2877,7 +2884,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2886,38 +2893,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "PAC-Responder-Konfigurationsoptionen" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2928,7 +2935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2939,7 +2946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2948,18 +2955,18 @@ msgstr "" "diesen Gruppen hinzugefügt." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" "Diese Optionen können zur Konfiguration des PAC-Responders verwendet werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2970,7 +2977,7 @@ msgstr "" "beim Starten zu UIDs aufgelöst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 #, fuzzy #| msgid "" #| "Default: 0 (only the root user is allowed to access the PAC responder)" @@ -2982,14 +2989,14 @@ msgstr "" "Responder gestattet.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Voreinstellung: 0 (Nur dem Benutzer Root ist der Zugriff auf den PAC-" "Responder gestattet.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 #, fuzzy #| msgid "" #| "Please note that although the UID 0 is used as the default it will be " @@ -3008,7 +3015,7 @@ msgstr "" "der Liste der erlaubten UIDs auch die 0 hinzufügen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -3021,26 +3028,26 @@ msgstr "" "der Liste der erlaubten UIDs auch die 0 hinzufügen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "ldap_schema (string)" msgid "pac_check (string)" msgstr "ldap_schema (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -3051,24 +3058,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -3076,24 +3083,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -3105,7 +3112,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3116,41 +3123,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -3163,19 +3170,19 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3185,66 +3192,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3252,17 +3259,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3270,7 +3277,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3279,65 +3286,65 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "simple_deny_users (string)" msgid "exclude_users (string)" msgstr "simple_deny_users (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No users excluded." msgstr "Voreinstellung: leer, d.h., dass »ldap_uri« benutzt wird" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "simple_deny_groups (string)" msgid "exclude_groups (string)" msgstr "simple_deny_groups (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No groups excluded." msgstr "Voreinstellung: leer, d.h., dass »ldap_uri« benutzt wird" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "DOMAIN-ABSCHNITTE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3347,12 +3354,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3361,14 +3368,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3377,31 +3384,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3410,7 +3417,7 @@ msgstr "" "enthält, der jenseits dieser Beschränkungen liegt, wird er ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3423,7 +3430,7 @@ msgstr "" "werden jene, die im Bereich liegen, wie erwartet gemeldet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3432,17 +3439,17 @@ msgstr "" "den Zwischenspeicher und nicht nur ihre Rückgabe über Name oder ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Voreinstellung: 1 für »min_id«, 0 (keine Beschränkung) für »max_id«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3451,36 +3458,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Benutzer und Gruppen werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = keine Aufzählungen für diese Domain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Voreinstellung: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3494,7 +3501,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3504,7 +3511,7 @@ msgstr "" "Ergebnisse zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3519,7 +3526,7 @@ msgstr "" "benutzten »id_provider«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -3528,7 +3535,7 @@ msgstr "" "insbesondere in großen Umgebungen, nicht empfohlen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3536,32 +3543,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "Alle entdeckten vertrauenswürdigen Domains werden aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "Keine der entdeckten vertrauenswürdigen Domains wird aufgezählt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3575,12 +3582,12 @@ msgstr "" "Domains aktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3589,7 +3596,7 @@ msgstr "" "soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3607,17 +3614,17 @@ msgstr "" "wurden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Voreinstellung: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3626,19 +3633,19 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "Voreinstellung: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3647,12 +3654,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3661,12 +3668,12 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3675,24 +3682,24 @@ msgstr "" "betrachten soll, bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3701,12 +3708,12 @@ msgstr "" "bevor das Backend erneut abgefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3716,36 +3723,36 @@ msgstr "" "wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3755,7 +3762,7 @@ msgstr "" "abgelaufenen oder beinahe abgelaufenen Daten aktualisiert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3764,19 +3771,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Sie können in Betracht ziehen, diesen Wert auf 3/4 * entry_cache_timeout zu " "setzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3788,18 +3795,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "Voreinstellung: 0 (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3810,7 +3817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3819,12 +3826,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3836,19 +3843,19 @@ msgstr "" "gespeichert zu werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3861,17 +3868,17 @@ msgstr "" "Parameters muss größer oder gleich »offline_credentials_expiration« sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Voreinstellung: 0 (unbegrenzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3884,17 +3891,17 @@ msgstr "" "Authentifizierungsanbieter konfiguriert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Voreinstellung: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3902,12 +3909,12 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3915,7 +3922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3926,8 +3933,8 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 #, fuzzy #| msgid "" #| "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " @@ -3945,8 +3952,8 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3958,12 +3965,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3973,7 +3980,7 @@ msgstr "" "Benutzers, der an NSS gemeldet wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3987,7 +3994,7 @@ msgstr "" "test@LOCAL</command> würde ihn hingegen finden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3999,24 +4006,24 @@ msgstr "" "nicht voll qualifizierter Name angefragt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "gibt beim Nachschlagen der Gruppe nicht die Gruppenmitglieder zurück." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -4028,7 +4035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -4036,23 +4043,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -4061,7 +4068,7 @@ msgstr "" "Authentifizierungsanbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4072,7 +4079,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4084,19 +4091,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Authentifizierung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "»none« deaktiviert explizit die Authentifizierung." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -4105,12 +4112,12 @@ msgstr "" "mit Authentifizierungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -4121,7 +4128,7 @@ msgstr "" "Backends enthalten sind). Interne Spezialanbieter sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -4130,12 +4137,12 @@ msgstr "" "für eine lokale Domain." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "»deny« verweigert dem Zugriff immer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4148,7 +4155,7 @@ msgstr "" "simple</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4156,22 +4163,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "Voreinstellung: »permit«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4180,7 +4187,7 @@ msgstr "" "Folgende Anbieter von Passwortänderungen werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4188,7 +4195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4200,19 +4207,19 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "»proxy« zur Weitergabe der Passwortänderung an irgendein anderes PAM-Ziel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "»none« verbietet explizit Passwortänderungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4221,19 +4228,19 @@ msgstr "" "kann mit Passwortänderungsanfragen umgehen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "der für diese Domain benutzte Sudo-Anbieter. Folgende Sudo-Anbieter werden " "unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4244,7 +4251,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -4253,7 +4260,7 @@ msgstr "" "Vorgabeeinstellungen für IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -4262,19 +4269,19 @@ msgstr "" "Vorgabeeinstellungen für AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "»none« deaktiviert explizit Sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Voreinstellung: Falls gesetzt, wird der Wert von »id_provider« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4291,7 +4298,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4300,12 +4307,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4316,7 +4323,7 @@ msgstr "" "Zugriffsanbieter beendet hat. Folgende SELinux-Anbieter werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4328,12 +4335,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "»none« verbietet explizit das Abholen von SELinux-Einstellungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -4342,12 +4349,12 @@ msgstr "" "kann SELinux-Ladeanfragen handhaben." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -4357,7 +4364,7 @@ msgstr "" "werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4369,7 +4376,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4378,17 +4385,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "»none« deaktiviert explizit das Abholen von Subdomains." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4396,30 +4403,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4427,7 +4434,7 @@ msgstr "" "»autofs« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4439,7 +4446,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4451,7 +4458,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4459,17 +4466,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "»none« deaktiviert explizit »autofs«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4478,7 +4485,7 @@ msgstr "" "wird. Folgende Anbieter von »hostid« werden unterstützt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4490,31 +4497,31 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "»none« deaktiviert explizit »hostid«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4522,7 +4529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4531,12 +4538,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4551,7 +4558,7 @@ msgstr "" "(NetBIOS-) Namen der Domain entsprechen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 #, fuzzy #| msgid "" #| "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" @@ -4567,17 +4574,17 @@ msgstr "" "P<Name>[^@\\\\]+)$))« " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "Benutzername@Domain.Name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 #, fuzzy #| msgid "" #| "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" @@ -4595,12 +4602,12 @@ msgstr "" "P<Name>[^@\\\\]+)$))« " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "Domain\\Benutzername" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -4610,7 +4617,7 @@ msgstr "" "Windows-Domains zu ermöglichen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4620,17 +4627,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Voreinstellung: »%1$s@%2$s«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4638,80 +4645,80 @@ msgstr "" "ermöglicht es, die bei DNS-Abfragen zu bevorzugende Adressfamilie zu wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "unterstützte Werte:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: versucht die IPv4- und, falls dies fehlschlägt, die IPv6-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: versucht, nur Rechnernamen zu IPv4-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: versucht die IPv6- und, falls dies fehlschlägt, die IPv4-Adresse " "nachzuschlagen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: versucht, nur Rechnernamen zu IPv6-Adressen aufzulösen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "Voreinstellung: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "Voreinstellung: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4719,17 +4726,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Voreinstellung: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4738,14 +4745,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4753,7 +4760,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4761,17 +4768,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Voreinstellung: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4780,19 +4787,19 @@ msgstr "" "DNS-Dienstabfrage an." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "Voreinstellung: Der Domain-Teil des Rechnernamens wird benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "pam_id_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4800,59 +4807,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Voreinstellung: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "überschreibt die Haupt-GID mit der angegebenen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4860,14 +4867,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -4880,17 +4887,17 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4898,128 +4905,128 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "ldap_search_timeout (integer)" msgid "ldap_search_timeout" msgstr "ldap_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "ldap_network_timeout (integer)" msgid "ldap_network_timeout" msgstr "ldap_network_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_offline_timeout" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 #, fuzzy #| msgid "ldap_purge_cache_timeout (integer)" msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 #, fuzzy #| msgid "ldap_krb5_ticket_lifetime (integer)" msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "ldap_enumeration_search_timeout (integer)" msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -5027,27 +5034,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "flacher (NetBIOS-) Name einer Subdomain" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -5062,7 +5069,7 @@ msgstr "" "verwendet werden. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -5070,17 +5077,17 @@ msgstr "" "überschrieben werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Voreinstellung: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -5088,12 +5095,12 @@ msgstr "" "Kennzeichnungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -5102,19 +5109,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -5122,14 +5129,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy (string)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -5141,7 +5148,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -5153,7 +5160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -5161,44 +5168,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy = match (default)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5207,7 +5214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5218,7 +5225,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -5226,38 +5233,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: cn" msgid "Default: match" msgstr "Voreinstellung: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5266,24 +5273,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5293,14 +5300,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5308,21 +5315,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5330,7 +5337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5339,7 +5346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5348,7 +5355,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -5360,17 +5367,17 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "das Proxy-Ziel, an das PAM weiterleitet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 #, fuzzy #| msgid "" #| "Default: not set by default, you have to take an existing pam " @@ -5385,12 +5392,12 @@ msgstr "" "hinzufügen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -5401,12 +5408,12 @@ msgstr "" "»_nss_$(libName)_$(function)«, zum Beispiel »_nss_files_getpwent«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -5414,12 +5421,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -5433,12 +5440,12 @@ msgstr "" "veranlassen, die ID im Zwischenspeicher nachzuschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -5446,7 +5453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -5455,12 +5462,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -5477,7 +5484,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -5485,17 +5492,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -5504,7 +5511,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -5514,7 +5521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -5534,12 +5541,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5550,69 +5557,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5625,7 +5632,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5633,7 +5640,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5642,55 +5649,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5699,17 +5707,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5717,26 +5725,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5745,17 +5753,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5765,7 +5773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5774,59 +5782,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5835,7 +5843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5844,7 +5852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5855,17 +5863,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5873,39 +5881,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -5918,7 +5926,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5927,7 +5935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5935,12 +5943,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, fuzzy, no-wrap #| msgid "" #| "[sssd]\n" @@ -6018,7 +6026,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -6027,7 +6035,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -6035,7 +6043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -6046,7 +6054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -6057,7 +6065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -6398,8 +6406,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -6408,76 +6425,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "der Standard-Bind-Domain-Name, der zum Durchführen von LDAP-Aktionen benutzt " "wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "der Typ des Authentifizierungs-Tokens des Standard-Bind-Domain-Namens" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "Die beiden derzeit unterstützten Mechanismen sind:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "Voreinstellung: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6490,12 +6507,12 @@ msgstr "" "ungleich Null, falls Sie einen Realm in Großbuchstaben wünschen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -6504,12 +6521,12 @@ msgstr "" "Zwischenspeicher aufgezählter Datensätze aktualisiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6520,7 +6537,7 @@ msgstr "" "haben) und diese entfernt werden, um Platz zu sparen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6529,12 +6546,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6546,7 +6563,7 @@ msgstr "" "das Schema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6563,7 +6580,7 @@ msgstr "" "erfolgt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6573,12 +6590,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "Voreinstellung: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6588,25 +6605,25 @@ msgstr "" "und neuere Versionen ausgeführt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "Rechnerobjekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -6615,32 +6632,32 @@ msgstr "" "unter »ldap_search_base«." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6651,7 +6668,7 @@ msgstr "" "Ergebnisse zurückgegeben werden (und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6662,12 +6679,12 @@ msgstr "" "Zeitüberschreitungspunkten für spezielle Nachschlagetypen ersetzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6679,12 +6696,12 @@ msgstr "" "(und in den Offline-Modus gegangen wird)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6701,12 +6718,12 @@ msgstr "" "citerefentry> zurückkehrt, falls keine Aktivität stattfindet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6715,12 +6732,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6734,7 +6751,7 @@ msgstr "" "Lebensdauer) verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6745,38 +6762,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "Voreinstellung: 900 (15 Minuten)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_expire_timeout (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 #, fuzzy #| msgid "" #| "Specifies a timeout (in seconds) that a connection to an LDAP server will " @@ -6795,17 +6812,17 @@ msgstr "" "Lebensdauer) verwendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6815,12 +6832,12 @@ msgstr "" "pro Anfrage." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6832,7 +6849,7 @@ msgstr "" "deaktiviert ist oder sich nicht ordnungsgemäß verhält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6842,7 +6859,7 @@ msgstr "" "aber nicht in der Lage, es zu benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6854,17 +6871,17 @@ msgstr "" "abgelehnt werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "deaktiviert die Bereichsabfrage von Active Directory" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6880,12 +6897,12 @@ msgstr "" "es so aussehen, als ob große Gruppen keine Mitglieder hätten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6896,19 +6913,19 @@ msgstr "" "Werte dieser Option werden durch OpenLDAP definiert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Voreinstellung: verwendet die Voreinstellungen des System (normalerweise in " "»ldap.conf« angegeben)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6916,12 +6933,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6933,7 +6950,7 @@ msgstr "" "nachgeschlagen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6944,7 +6961,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6957,7 +6974,7 @@ msgstr "" "unterstützten Server sind 389/RHDS, OpenLDAP und Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6968,12 +6985,12 @@ msgstr "" "Nachschlagen ohne Rücksicht auf die Einstellung deaktiviert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6981,7 +6998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6989,12 +7006,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -7004,7 +7021,7 @@ msgstr "" "Werte angegeben werden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -7013,7 +7030,7 @@ msgstr "" "oder anfordern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7025,7 +7042,7 @@ msgstr "" "Sitzung fährt normal fort." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7036,7 +7053,7 @@ msgstr "" "ungültiges Zertifikat bereitgestellt wird, wird die Sitzung sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -7047,22 +7064,22 @@ msgstr "" "sofort beendet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = entspricht »demand«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "Voreinstellung: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -7071,7 +7088,7 @@ msgstr "" "die <command>sssd</command> erkennen wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -7080,12 +7097,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -7102,38 +7119,38 @@ msgid "" msgstr "" "gibt den Pfad eines Verzeichnisses an, das Zertifikate von " "Zertifizierungstellen in separaten individuellen Dateien enthält. Die " -"Dateinamen sollen normalerweise ein Hash-Wert des Zertifikats gefolgt von " -"».0« sein. Falls verfügbar, kann <command>cacertdir_rehash</command> zum " +"Dateinamen sollen normalerweise ein Hash-Wert des Zertifikats gefolgt " +"von ».0« sein. Falls verfügbar, kann <command>cacertdir_rehash</command> zum " "Erstellen der korrekten Namen verwendet werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "gibt die Datei an, die das Zertifikat für den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "gibt die Datei an, die den Schlüssel des Clients enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7141,12 +7158,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 #, fuzzy #| msgid "" #| "Specifies that the id_provider connection must also use <systemitem " @@ -7160,12 +7177,12 @@ msgstr "" "class=\"protocol\">tls</systemitem> benutzen muss, um den Kanal abzusichern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7177,19 +7194,19 @@ msgstr "" "verlassen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Derzeit unterstützt diese Funktionalität nur das Abbilden von Active-" "Directory-ObjectSIDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7208,24 +7225,24 @@ msgstr "" "Abbildung von IDs wählen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "Voreinstellung: nicht gesetzt (beide Optionen sind auf 0 gesetzt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -7236,12 +7253,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -7254,7 +7271,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -7266,17 +7283,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "Voreinstellung Rechner/MeinRechner@BEREICH" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -7287,17 +7304,17 @@ msgstr "" "»ldap_sasl_authid« ebenfalls den Realm enthält, wird diese Option ignoriert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "Voreinstellung: der Wert von »krb5_realm«" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -7307,34 +7324,34 @@ msgstr "" "Bind in eine kanonische Form zu bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Voreinstellung: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Voreinstellung: Keytab des Systems, normalerweise <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -7342,28 +7359,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Voreinstellung: 86400 (24 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7382,7 +7399,7 @@ msgstr "" "Weitere Informationen finden Sie im Abschnitt »DIENSTSUCHE«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7393,7 +7410,7 @@ msgstr "" "Protokoll angeben. Falls keine gefunden werden, weicht es auf _tcp aus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7405,29 +7422,29 @@ msgstr "" "migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Voreinstellung: Systemvoreinstellungen, siehe <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7437,12 +7454,12 @@ msgstr "" "Kerberos >= 1.7 verfügbar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7458,7 +7475,7 @@ msgstr "" "manvolnum> </citerefentry> einrichten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7469,12 +7486,12 @@ msgstr "" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7483,7 +7500,7 @@ msgstr "" "Passworts abgeschätzt werden soll. Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7492,7 +7509,7 @@ msgstr "" "kann keine Server-seitigen Passwortregelwerke deaktivieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 #, fuzzy #| msgid "" #| "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" @@ -7509,7 +7526,7 @@ msgstr "" "manvolnum></citerefentry>, um abzuschätzen, ob das Passwort erloschen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7521,7 +7538,7 @@ msgstr "" "Passwort geändert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7531,17 +7548,17 @@ msgstr "" "festgelegten Regel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "gibt an, ob automatische Verweisverfolgung aktiviert werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7550,7 +7567,7 @@ msgstr "" "mit OpenLDAP Version 2.4.13 oder höher kompiliert wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 #, fuzzy #| msgid "" #| "Chasing referrals may incur a performance penalty in environments that " @@ -7574,28 +7591,28 @@ msgstr "" "merkliche Leistungsverbesserung bringen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "gibt an, welcher Dienstname bei aktivierter Dienstsuche benutzt werden soll." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "Voreinstellung: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7604,17 +7621,17 @@ msgstr "" "soll, der Passwortänderungen bei aktivierter Dienstsuche ermöglicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Voreinstellung: nicht gesetzt, d.h. Dienstsuche ist deaktiviert" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7623,7 +7640,7 @@ msgstr "" "Passwortänderung mit Unix-Zeit geändert wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -7632,12 +7649,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7667,12 +7684,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Beispiel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7684,7 +7701,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7693,7 +7710,7 @@ msgstr "" "beschränkt, deren employeeType-Attribut auf »admin« gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7702,17 +7719,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "Voreinstellung: leer" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7721,7 +7738,7 @@ msgstr "" "Zugriffssteuerungsattribute aktiviert werden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7732,12 +7749,12 @@ msgstr "" "einem geeigneten Fehlercode zurückweisen, wenn das Passwort korrekt ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "Die folgenden Werte sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7746,7 +7763,7 @@ msgstr "" "»ldap_user_shadow_expire«, um zu bestimmen, ob das Konto abgelaufen ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7759,7 +7776,7 @@ msgstr "" "gewährt. Außerdem wird die Ablaufzeit des Kontos geprüft." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7770,7 +7787,7 @@ msgstr "" "Zugriff erlaubt wird oder nicht." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7783,7 +7800,7 @@ msgstr "" "Zugriff gewährt wird. Falls diese Attribute fehlen, wird Zugriff erteilt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7794,24 +7811,24 @@ msgstr "" "»ldap_account_expire_policy« funktioniert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "durch Kommata getrennte Liste von Zugriffssteuerungsoptionen. Folgende Werte " "sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: verwendet »ldap_access_filter«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7821,14 +7838,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7841,12 +7858,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7856,31 +7873,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -7888,7 +7905,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7897,33 +7914,33 @@ msgstr "" "»authorizedService«, um zu bestimmen, ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: verwendet das Attribut »host«, um zu bestimmen, " "ob Zugriff gewährt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Voreinstellung: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7932,12 +7949,12 @@ msgstr "" "mehr als einmal benutzt wird." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7946,22 +7963,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7970,12 +7987,12 @@ msgstr "" "folgenden Optionen sind erlaubt:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias werden nie dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7985,7 +8002,7 @@ msgstr "" "Suche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7994,7 +8011,7 @@ msgstr "" "der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -8003,7 +8020,7 @@ msgstr "" "Orten des Basisobjekts der Suche dereferenziert." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -8012,12 +8029,12 @@ msgstr "" "<emphasis>never</emphasis> gehandhabt.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -8026,7 +8043,7 @@ msgstr "" "beizubehalten, die das Schema RFC2307 benutzen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -8044,7 +8061,7 @@ msgstr "" "getpw*() oder initgroups() abzurufen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -8055,64 +8072,64 @@ msgstr "" "die lokalen Benutzer um zusätzliche LDAP-Gruppen erweitert werden." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "debug_level (integer)" msgid "ldap_library_debug_level (integer)" msgstr "debug_level (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 #, fuzzy #| msgid "Default: 0 (disabled)" msgid "Default: 0 (libldap debugging disabled)" msgstr "Voreinstellung: 0 (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "ldap_id_mapping (boolean)" msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_id_mapping (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -8120,14 +8137,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -8150,12 +8167,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "SUDO-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -8166,12 +8183,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -8181,7 +8198,7 @@ msgstr "" "heruntergeladen werden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -8190,24 +8207,24 @@ msgstr "" "emphasis> sein." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "Voreinstellung: 21600 (6 Stunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -8215,7 +8232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -8224,7 +8241,7 @@ msgstr "" "das Attribut »modifyTimestamp« benutzt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -8234,21 +8251,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_idmap_range_size (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -8256,7 +8273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -8264,17 +8281,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -8284,12 +8301,12 @@ msgstr "" "Netzwerkadressen und Rechnernamen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -8298,7 +8315,7 @@ msgstr "" "Domain-Namen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -8307,8 +8324,8 @@ msgstr "" "voll qualifizierten Domain-Namen automatisch herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -8317,17 +8334,17 @@ msgstr "" "emphasis> ist, hat diese Option keine Auswirkungen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "Voreinstellung: nicht angegeben" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -8336,7 +8353,7 @@ msgstr "" "Netzwerkadressen, die zum Filtern der Regeln benutzt werden sollen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -8345,12 +8362,12 @@ msgstr "" "herauszufinden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -8359,12 +8376,12 @@ msgstr "" "eine Netzgruppe im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -8373,14 +8390,14 @@ msgstr "" "einen Platzhalter im Attribut »sudoHost« enthält." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8393,59 +8410,59 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "AUTOFS-OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "Der Name der Automount-Master-Abbildung in LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "Voreinstellung: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "ERWEITERTE OPTIONEN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8454,22 +8471,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8478,14 +8495,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "BEISPIEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8496,7 +8513,7 @@ msgstr "" "gesetzt ist." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8509,27 +8526,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8545,13 +8562,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "ANMERKUNGEN" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -10932,7 +10949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (Boolesch)" @@ -10947,7 +10964,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10969,12 +10986,12 @@ msgstr "" "Konfigurationsdatei migrieren." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -11003,12 +11020,12 @@ msgid "Default: 1200 (seconds)" msgstr "Voreinstellung: 1200 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -11036,17 +11053,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -11054,19 +11071,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 #, fuzzy #| msgid "dyndns_iface (string)" msgid "dyndns_auth_ptr (string)" msgstr "dyndns_iface (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -11074,7 +11091,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -11109,7 +11126,7 @@ msgstr "" "gefundenen als Sicherungsserver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (Ganzzahl)" @@ -11125,12 +11142,12 @@ msgstr "" "Diese Option ist optional und nur anwendbar, wenn »dyndns_update« »true« ist." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -11150,7 +11167,7 @@ msgstr "" "Weiterleitungsdatensätze ändern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -11162,12 +11179,12 @@ msgid "Default: False (disabled)" msgstr "Voreinstellung: False (deaktiviert)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -11176,48 +11193,65 @@ msgstr "" "DNS-Server verwenden soll" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Voreinstellung: False (lässt Nsupdate das Protokoll auswählen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -11225,52 +11259,118 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: not set (no substitution for unset home directories)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "" +"Voreinstellung: nicht gesetzt (kein Ersetzen nicht gesetzter Home-" +"Verzeichnisse)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_iface (Zeichenkette)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "ldap_access_order (string)" msgid "ipa_access_order (string)" msgstr "ldap_access_order (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 #, fuzzy #| msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "<emphasis>expire</emphasis>: verwendet »ldap_account_expire_policy«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "Voreinstellung: verwendet Basis-DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 #, fuzzy #| msgid "ipa_subdomains_search_base (string)" msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subdomains_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -11282,97 +11382,97 @@ msgstr "" "bezogene Objekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 #, fuzzy #| msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für HBAC-" "bezogene Objekte" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "SELinux-Benutzerabbildungen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für " "vertrauenswürdige Domains" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "optional, verwendet die angegebene Zeichenkette als Suchgrundlage für das " "Master-Domain-Objekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Voreinstellung: der Wert von <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -11381,7 +11481,7 @@ msgstr "" "Wert von »ipa_domain«." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -11391,37 +11491,37 @@ msgstr "" "zu verwenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -11429,34 +11529,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "Voreinstellung: 5 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -11467,12 +11567,12 @@ msgstr "" "Zugriffssteuerungsanfragen in einer kurzen Zeitspanne ankommen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (Ganzzahl)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -11483,33 +11583,33 @@ msgstr "" "viele Benutzeranmeldeanfragen in einer kurzen Zeitspanne ankommen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -11517,59 +11617,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (Zeichenkette)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "der Ort des Automounters, den dieser IPA-Client benutzen wird" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "Voreinstellung: der Ort namens »default«" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -11577,128 +11677,128 @@ msgid "Default: cn" msgstr "Voreinstellung: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -11708,12 +11808,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "ANBIETER VON UNTER-DOMAINS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -11722,7 +11822,7 @@ msgstr "" "ob er explizit oder implizit konfiguriert wurde." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -11733,7 +11833,7 @@ msgstr "" "und alle Subdomain-Anfragen werden, falls nötig, an den IPA-Server gesandt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -11752,12 +11852,12 @@ msgstr "" "online gegangen ist, wird der Subdomain-Anbieter erneut aktiviert." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -11765,7 +11865,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -11775,80 +11875,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -11862,7 +11962,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11874,7 +11974,7 @@ msgstr "" "Optionen von IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -13074,6 +13174,13 @@ msgstr "ldap_sudo_include_netgroups (Boolesch)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +#, fuzzy +#| msgid "This option can also be set per-domain." +msgid "This option is deprecated." +msgstr "Diese Option kann auch pro Domain gesetzt werden." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -13084,7 +13191,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -13099,7 +13206,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -13111,7 +13218,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -13129,19 +13236,19 @@ msgstr "" "»dyndns_iface« angegeben wurde." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "Voreinstellung: 3600 (Sekunden)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -13151,7 +13258,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -13163,7 +13270,7 @@ msgstr "" "Optionen von AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -13187,7 +13294,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -13199,7 +13306,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -13210,7 +13317,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -13220,7 +13327,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -19438,9 +19545,14 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 +#, fuzzy +#| msgid "" +#| "The SSSD ID-mapping algorithm takes a range of available UIDs and divides " +#| "it into equally-sized component sections - called \"slices\"-. Each slice " +#| "represents the space available to an Active Directory domain." msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" "Der ID-Abbildungsalgorithmus von SSSD nimmt einen Bereich verfügbarer UIDs " @@ -19631,7 +19743,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/es.po b/src/man/po/es.po index 40d7eac93f2..4bb1deb10d3 100644 --- a/src/man/po/es.po +++ b/src/man/po/es.po @@ -18,7 +18,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2021-10-27 15:05+0000\n" "Last-Translator: Emilio Herrera <ehespinosa57@gmail.com>\n" "Language-Team: Spanish <https://translate.fedoraproject.org/projects/sssd/" @@ -155,20 +155,20 @@ msgstr "" #| "<filename>sssd.conf</filename> must be a regular file, owned by root and " #| "only root may read from or write to the file." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> debe ser un archivo regular, cuyo dueño sea " "el usuario root, y sólo este usuario podrá tener permisos de lectura y " "escritura sobre él." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "FRAGMENTOS DE CONFIGURACIÓN DESDE EL DIRECTORIO INCLUDE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 #, fuzzy #| msgid "" #| "The configuration file <filename>sssd.conf</filename> will include " @@ -186,7 +186,7 @@ msgstr "" "libini versión 1.3.0 o posterior." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -199,7 +199,7 @@ msgstr "" "configurar SSSD." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -220,7 +220,7 @@ msgstr "" "visualizar la prioridad (números mas altos significan prioridad más alta)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 #, fuzzy #| msgid "" #| "The snippet files require the same owner and permissions as " @@ -233,34 +233,34 @@ msgstr "" "<filename>sssd.conf</filename>. Que son por defecto root:root y 0600." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "OPCIONES GENERALES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" "Las siguientes opciones son útiles en más de una de las secciones de " "configuración." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "Opciones utilizables en todas las secciones" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "debug (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -273,12 +273,12 @@ msgstr "" "<replaceable>debug_level</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." @@ -287,23 +287,23 @@ msgstr "" "habilitado para el registro de la depuración SSSD esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Predeterminado: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." @@ -313,27 +313,27 @@ msgstr "" "se ignora." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Predeterminado: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "debug_backtrace_enabled (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "Habilita el seguimiento de depuración." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -348,7 +348,7 @@ msgstr "" "una traza, de lo contrario hasta 2)." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." @@ -357,8 +357,8 @@ msgstr "" "configuración no tiene efecto para otro tipo de registros)." #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -370,17 +370,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Opciones utilizables en las secciones SERVICIO y DOMINIO" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -391,33 +391,33 @@ msgstr "" "Advierta que después de tres pulsaciones perdidas el servicio se terminará." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Predeterminado: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "SECCIONES ESPECIALES" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "La sección [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Parámetros de sección" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "servicios" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -430,7 +430,7 @@ msgstr "" "serán enchufados o activado D-Bus cuando sea necesario. </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 #, fuzzy #| msgid "" #| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</" @@ -451,7 +451,7 @@ msgstr "" "condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -462,12 +462,12 @@ msgstr "" "usen para ejecución: \"systemctl enable sssd-@service@.socket\". </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "dominios" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -484,12 +484,12 @@ msgstr "" "\"/\" está prohibido." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." @@ -498,7 +498,7 @@ msgstr "" "contiene el nombre de usuario y el dominio en estos componentes." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -509,12 +509,12 @@ msgstr "" "las SECCIONES DOMINIO para mas información sobre estas expresiones regulares." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -526,33 +526,33 @@ msgstr "" "dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" "nombre de dominio como se especifica en el fichero de configuración SSSD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -562,7 +562,7 @@ msgstr "" "medio de IPA de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -571,7 +571,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." @@ -580,12 +580,12 @@ msgstr "" "SECCIONES DOMINIO para más información sobre esta opción." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "monitor_resolv_conf (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." @@ -594,12 +594,12 @@ msgstr "" "cuando necesita actualizar su interfaz de resolución DNS interno." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -610,7 +610,7 @@ msgstr "" "no puede ser usado." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -621,7 +621,7 @@ msgstr "" "'false' " #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -630,7 +630,7 @@ msgstr "" "en el resto de las plataformas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -640,12 +640,12 @@ msgstr "" "utilizada siempre." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -654,7 +654,7 @@ msgstr "" "reproducción de cache de Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -664,7 +664,7 @@ msgstr "" "de respuesta." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -673,12 +673,12 @@ msgstr "" "tiempo. (si no se configura __LIBKRB5_DEFAULTS__)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "usuario (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -686,14 +686,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -703,17 +703,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "Por defecto: no ajustado, los procesos correrán como root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -729,7 +736,7 @@ msgstr "" "usuario sin dar también un nombre de dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 #, fuzzy #| msgid "" #| "Please note that if this option is set all users from the primary domain " @@ -761,8 +768,8 @@ msgstr "" "cuando se use la opción default_domain_suffix." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -770,12 +777,12 @@ msgid "Default: not set" msgstr "Predeterminado: no definido" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "override_space (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -791,7 +798,7 @@ msgstr "" "predeterminado en el shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -804,22 +811,22 @@ msgstr "" "no modificado pero en general el resultado de la búsqueda es indefinido." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "Por defecto: no ajustado (los espacios no serán reemplazados)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "certificate_verification (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "no_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -830,12 +837,12 @@ msgstr "" "certificado no son alcanzables por el cliente." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "soft_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -847,12 +854,12 @@ msgstr "" "puede ser alcanzado." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "ocsp_dgst" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" @@ -861,39 +868,39 @@ msgstr "" "petición OCSP. Los valores permitidos son:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "sha1" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "sha384" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "sha512" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" "Predeterminado: sha1 (para permitir la compatibilidad con el contestador que " "cumple el RFC50190)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "no_verification" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." @@ -902,12 +909,12 @@ msgstr "" "para pruebas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "partial_chain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -919,12 +926,12 @@ msgstr "" "que puede no estar autofirmado." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "ocsp_default_responder=URL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -935,12 +942,12 @@ msgstr "" "OCSP por defecto e.g. http://example.com:80/ocsp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "ocsp_default_responder_signing_cert=NAME" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." @@ -949,12 +956,12 @@ msgstr "" "estar disponibles en el fichero PEM indicado por pam_cert_db_path." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "crl_file=/PATH/TO/CRL/FILE" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -967,12 +974,12 @@ msgstr "" "<manvolnum>1ssl</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "soft_crl" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 #, fuzzy #| msgid "" #| "If a Certificate Revocation List (CRL) is expired ignore the CRL checks " @@ -990,7 +997,7 @@ msgstr "" "linea y la CRL no puede ser renovada." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -1001,23 +1008,23 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "Se informa de las opciones desconocidas pero son ignoradas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" "Por defecto: no fijado, i.e. no restringe la verificación de certificado" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "disable_netlink (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." @@ -1026,7 +1033,7 @@ msgstr "" "rutas, direcciones, enlaces y disparar ciertas acciones." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" @@ -1036,17 +1043,17 @@ msgstr "" "'true'" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "Predeterminado: false (se detectan los cambio de enlace de red)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "enable_files_domain (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." @@ -1056,12 +1063,12 @@ msgstr "" "configurado." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "domain_resolution_order" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -1078,7 +1085,7 @@ msgstr "" "serán buscados en un orden aleatorio por cada dominio padre." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 #, fuzzy #| msgid "" #| "Please, note that when this option is set the output format of all " @@ -1125,20 +1132,20 @@ msgstr "" "casos donde los nombres de usuarios se deben compartir entre dominios." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "Por defecto: No definido" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 #, fuzzy #| msgid "ad_gpo_implicit_deny (boolean)" msgid "implicit_pac_responder (boolean)" msgstr "ad_gpo_implicit_deny (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -1146,14 +1153,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 #, fuzzy #| msgid "ad_gpo_ignore_unreadable (boolean)" msgid "core_dumpable (boolean)" msgstr "ad_gpo_ignore_unreadable (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -1161,28 +1168,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "certificate_verification (string)" msgid "passkey_verification (string)" msgstr "certificate_verification (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "certificate_verification (string)" msgid "user_verification (boolean)" msgstr "certificate_verification (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -1190,7 +1197,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 #, fuzzy #| msgid "" #| "With this parameter the certificate verification can be tuned with a " @@ -1206,7 +1213,7 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1223,12 +1230,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "SECCIONES DE SERVICIOS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1241,22 +1248,22 @@ msgstr "" "sección sería <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Opciones de configuración de servicios generales" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Estas opciones pueden usarse para configurar cualquier servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1271,17 +1278,17 @@ msgstr "" "valor más bajo de este o de limite “hard” en limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Por defecto: 8192 (o limite “hard” en limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1296,17 +1303,17 @@ msgstr "" "configura un valor más bajo será ajustado a 10 segundos." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "Predeterminado: 60, KCM: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1324,7 +1331,7 @@ msgstr "" "nuevo intervalo se calcula mediante lo siguiente:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" @@ -1333,7 +1340,7 @@ msgstr "" "offline_timeout_random_offset]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1345,46 +1352,46 @@ msgstr "" "segundos antes del próximo reintento." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Predeterminado: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "offline_timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "offline_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1393,66 +1400,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 300" msgid "Default: 3600" msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "offline_timeout + random_offset" msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 #, fuzzy #| msgid "offline_timeout + random_offset" msgid "[0 - offline_timeout_random_offset]" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 300" msgid "Default: 30" msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1471,18 +1478,18 @@ msgstr "" "los servicios activados son socket o D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Predeterminado: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "cache_first" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." @@ -1491,12 +1498,12 @@ msgstr "" "de consultar a los Proveedores de Datos." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "Opciones de configuración de NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1504,12 +1511,12 @@ msgstr "" "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1518,17 +1525,17 @@ msgstr "" "sobre todos los usuarios)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Predeterminado: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1539,7 +1546,7 @@ msgstr "" "valor de entry_cache_timeout para el dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1555,7 +1562,7 @@ msgstr "" "actualización del cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1568,17 +1575,17 @@ msgstr "" "segundos. (0 deshabilita esta función)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Predeterminado: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1589,17 +1596,17 @@ msgstr "" "entradas no existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Predeterminado: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "local_negative_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1610,17 +1617,17 @@ msgstr "" "otra vez. Fijando la opción a 0 deshabilita esta característica." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "Por defecto: 14400 (4 horas)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1634,7 +1641,7 @@ msgstr "" "usuario (UPN)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1647,17 +1654,17 @@ msgstr "" "filtrado mantendrá los usuarios miembros del listado posterior." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Predeterminado: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1665,12 +1672,12 @@ msgstr "" "opción a false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1679,7 +1686,7 @@ msgstr "" "especificado una explícitamente por el proveedor de datos del dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1687,7 +1694,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1697,24 +1704,24 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Por defecto: no fijado (sin sustitución para los directorios home no fijados)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1725,17 +1732,17 @@ msgstr "" "la sección [nss] o por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Por defecto: no fijado (SSSD usará el valor recuperado desde LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1743,12 +1750,12 @@ msgstr "" "evaluación es:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Si el shell está presente en <quote>/etc/shells</quote>, se usa." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1757,7 +1764,7 @@ msgstr "" "shells</quote>, usa el valor del parámetro shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1766,12 +1773,12 @@ msgstr "" "shells</quote>, se usará un shell de no acceso." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "Se puede usar el comodín (*) para permitir cualquier shell." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1782,12 +1789,12 @@ msgstr "" "los shells permitidos en allowed_shells estuviera llena." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "Una cadena vacía para el shell se pasa como-es a libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1797,27 +1804,27 @@ msgstr "" "una nueva shell." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "Por defecto: No fijado. La shell del usuario se usa automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Reemplaza cualquier instancia de estos shells con shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1825,17 +1832,17 @@ msgstr "" "máquina." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Predeterminado: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1845,7 +1852,7 @@ msgstr "" "o por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1855,12 +1862,12 @@ msgstr "" "normalmente /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1869,14 +1876,14 @@ msgstr "" "considerada válida." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_timeout (integer)" msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." @@ -1885,7 +1892,7 @@ msgstr "" "cache serán validos. Fijando esta opción o cero deshabilita la memoria cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." @@ -1895,8 +1902,8 @@ msgstr "" "pruebas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1905,14 +1912,14 @@ msgstr "" "las aplicaciones clientes no usaran la memoria cache rápida." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_passwd (integer)" msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 #, fuzzy #| msgid "" #| "Specifies time in seconds for which records in the in-memory cache will " @@ -1926,13 +1933,13 @@ msgstr "" "cache serán validos. Fijando esta opción o cero deshabilita la memoria cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "Predeterminado: 8" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 #, fuzzy #| msgid "" #| "WARNING: Disabling the in-memory cache will have significant negative " @@ -1946,14 +1953,14 @@ msgstr "" "pruebas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_group (integer)" msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 #, fuzzy #| msgid "" #| "Specifies time in seconds for which records in the in-memory cache will " @@ -1967,21 +1974,21 @@ msgstr "" "cache serán validos. Fijando esta opción o cero deshabilita la memoria cache." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Predeterminado: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_initgroups (integer)" msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 #, fuzzy #| msgid "" #| "Specifies time in seconds for which records in the in-memory cache will " @@ -1995,14 +2002,14 @@ msgstr "" "cache serán validos. Fijando esta opción o cero deshabilita la memoria cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "enum_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 #, fuzzy #| msgid "" #| "Specifies time in seconds for which records in the in-memory cache will " @@ -2017,12 +2024,12 @@ msgstr "" "cache serán validos. Fijando esta opción o cero deshabilita la memoria cache." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "user_attributes (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -2040,7 +2047,7 @@ msgstr "" "predeterminados." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -2049,17 +2056,17 @@ msgstr "" "opción InfoPipe si no está fijada para el contestador NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "Por defecto: no ajustada, retroceder a opción InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "pwfield (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -2068,14 +2075,14 @@ msgstr "" "para el campo <quote>password</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>permit</quote>" msgid "Default: <quote>*</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 #, fuzzy #| msgid "This option can also be set per-domain." msgid "" @@ -2084,7 +2091,7 @@ msgid "" msgstr "Esta opción puede ser también fijada por dominio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 #, fuzzy #| msgid "" #| "Default: <quote>*</quote> (remote domains) or <quote>x</quote> (the " @@ -2099,12 +2106,12 @@ msgstr "" "ficheros de dominio)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "Opciones de configuración PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -2113,12 +2120,12 @@ msgstr "" "Authentication Module (PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -2127,17 +2134,17 @@ msgstr "" "los accesos escondidos (en días desde el último login en línea con éxito)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Predeterminado: 0 (Sin límite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -2146,12 +2153,12 @@ msgstr "" "login fallados están permitidos." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -2161,7 +2168,7 @@ msgstr "" "intento de login sea posible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -2172,17 +2179,17 @@ msgstr "" "éxito puede habilitar otra vez la autenticación fuera de línea." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Predeterminado: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -2191,46 +2198,46 @@ msgstr "" "autenticación. Cuanto mayor sea el número de mensajes más aparecen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "Actualmente sssd soporta los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: no mostrar ningún mensaje" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: mostrar sólo mensajes importantes" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: mostrar mensajes informativos" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: mostrar todos los mensajes e información de " "depuración" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Predeterminado: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "pam_response_filter (integer)" msgid "pam_response_filter (string)" msgstr "pam_response_filter (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -2243,7 +2250,7 @@ msgstr "" "variables de entorno que deberían ser fijadas por pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -2252,37 +2259,37 @@ msgstr "" "pam_verbosity esta opción permite filtrar otra clase de respuestas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "No envía ninguna variable de entorno a ningún servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "ENV:var_name" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "No envía la variable de entorno var_name a ningún servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "ENV:var_name:service" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "No envía la variable de entorno var_name al servicio." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -2291,7 +2298,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -2302,25 +2309,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 #, fuzzy #| msgid "Example: ENV:KRB5CCNAME:sudo-i" msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "Ejemplo: ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2332,7 +2339,7 @@ msgstr "" "información más actual." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2346,17 +2353,17 @@ msgstr "" "proveedor de identidad." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "Mostrar una advertencia N días antes que la contraseña caduque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2367,7 +2374,7 @@ msgstr "" "información desaparece, sssd no podrá mostrar un aviso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2377,7 +2384,7 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2386,18 +2393,18 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> para un dominio concreto." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Predeterminado: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2412,12 +2419,12 @@ msgstr "" "nombres de usuarios se resuelven a UIDs en el arranque." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "Por defecto: Todos los usuarios se consideran de confianza por defecto" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2426,12 +2433,12 @@ msgstr "" "aunque no está en la la lista pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "pam_public_domains (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2440,13 +2447,13 @@ msgstr "" "accesibles hasta para los usuarios en los que no se confíe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Hay definidos dos valores especiales para la opción pam_public_domains:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -2454,7 +2461,7 @@ msgstr "" "dominios en el contestador PAM.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2463,19 +2470,19 @@ msgstr "" "dominios PAM en el contestador.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Predeterminado: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2484,7 +2491,7 @@ msgstr "" "mensaje predeterminado 'Permiso denegado'." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." @@ -2494,7 +2501,7 @@ msgstr "" "mensajes e información de depuración)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2504,12 +2511,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2518,7 +2525,7 @@ msgstr "" "por defecto 'Permiso denegado'." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2528,48 +2535,48 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 #, fuzzy #| msgid "pam_cert_auth (bool)" msgid "pam_passkey_auth (bool)" msgstr "pam_cert_auth (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Predeterminado: True" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Por defecto: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2580,22 +2587,22 @@ msgstr "" "de autenticación esta opción está deshabilitada por defecto." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "Predeterminado:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 #, fuzzy #| msgid "" #| "/etc/sssd/pki/sssd_auth_ca_db.pem (OpenSSL version, path to a file with " @@ -2608,14 +2615,14 @@ msgstr "" "certificados CA de confianza en formato PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "certificate_verification (string)" msgid "pam_cert_verification (string)" msgstr "certificate_verification (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 #, fuzzy #| msgid "" #| "With this parameter the certificate verification can be tuned with a " @@ -2633,7 +2640,7 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, fuzzy, no-wrap #| msgid "" #| "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2646,31 +2653,31 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "Cuantos segundos esperará pam_sss wait para que p11_child finalice." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "p11_child_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "p11_child_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 #, fuzzy #| msgid "How many seconds will pam_sss wait for p11_child to finish." msgid "" @@ -2678,12 +2685,12 @@ msgid "" msgstr "Cuantos segundos esperará pam_sss wait para que p11_child finalice." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "pam_app_services (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2692,14 +2699,14 @@ msgstr "" "tipo <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "pam_p11_allowed_services (integer)" msgid "pam_p11_allowed_services (string)" msgstr "pam_p11_allowed_services (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." @@ -2708,7 +2715,7 @@ msgstr "" "permitidos usar Smartcards." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2718,7 +2725,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2738,7 +2745,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" @@ -2746,57 +2753,57 @@ msgstr "" "incluye:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "p11_wait_for_card_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2807,12 +2814,12 @@ msgstr "" "inserte la Smartcard." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "p11_uri (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2830,7 +2837,7 @@ msgstr "" "específico." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, fuzzy, no-wrap #| msgid "" #| "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2843,7 +2850,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, fuzzy, no-wrap #| msgid "" #| "p11_uri = library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2856,7 +2863,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2869,47 +2876,47 @@ msgstr "" "GnuTLS 'p11tool' con e.g. '--list-all' mostrará PKCS#11 URIs también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2918,19 +2925,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 #, fuzzy #| msgid "pam_app_services (string)" msgid "pam_gssapi_services" msgstr "pam_app_services (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 #, fuzzy #| msgid "Comma separated list of users who are allowed to log in." msgid "" @@ -2939,13 +2946,13 @@ msgid "" msgstr "Lista separada por comas de usuarios a los está permitido el acceso." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2953,7 +2960,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, fuzzy, no-wrap #| msgid "" #| "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2966,22 +2973,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Ejemplo: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2989,19 +2996,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -3009,7 +3016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -3024,7 +3031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -3032,45 +3039,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, fuzzy, no-wrap #| msgid "" #| "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -3083,7 +3090,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -3091,7 +3098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 #, fuzzy #| msgid "Default: not set (no substitution for unset home directories)" msgid "Default: not set (use of authentication indicators is not required)" @@ -3099,12 +3106,12 @@ msgstr "" "Por defecto: no fijado (sin sustitución para los directorios home no fijados)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "SUDO opciones de configuración" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -3122,12 +3129,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -3136,12 +3143,12 @@ msgstr "" "entradas de sudoers dependientes del tiempo." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -3157,22 +3164,22 @@ msgstr "" "comando." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "Opciones de configuración AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "Estas opciones pueden ser usadas para configurar el servicio autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -3183,22 +3190,22 @@ msgstr "" "existentes) antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "Opciones de configuración SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "Estas opciones se pueden usar para configurar el servicio SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -3207,12 +3214,12 @@ msgstr "" "known_host. " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -3221,17 +3228,17 @@ msgstr "" "después de que se hayan pedido sus claves de host." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "Por defecto: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (booleano)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -3245,12 +3252,12 @@ msgstr "" "manvolnum> </citerefentry> for details." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "ssh_use_certificate_matching_rules (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -3265,7 +3272,7 @@ msgstr "" "de reglas que coincidan y mapeen. Todas las demás reglas serán ignoradas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -3273,7 +3280,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -3282,26 +3289,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "ca_db (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -3311,12 +3318,12 @@ msgstr "" "públicas ssh de ellos." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "Opciones de configuración del respondedor PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -3334,7 +3341,7 @@ msgstr "" "se hacen algunas de las siguientes operaciones:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -3350,7 +3357,7 @@ msgstr "" "predeterminado, pero se puede sustituir con el parámetro default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -3359,17 +3366,17 @@ msgstr "" "a esos grupos." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "Estas opciones pueden ser usadas para configurar el respondedor PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -3379,7 +3386,7 @@ msgstr "" "usuario que tiene el acceso permitido al respondedor PAC." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 #, fuzzy #| msgid "" #| "Default: 0 (only the root user is allowed to access the PAC responder)" @@ -3391,14 +3398,14 @@ msgstr "" "respondedor PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Por defecto: 0 (sólo el usuario root tiene permitido el acceso al " "respondedor PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 #, fuzzy #| msgid "" #| "Please note that although the UID 0 is used as the default it will be " @@ -3417,7 +3424,7 @@ msgstr "" "lista de UIDs permitidas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -3430,12 +3437,12 @@ msgstr "" "lista de UIDs permitidas también." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -3445,14 +3452,14 @@ msgstr "" "usuario." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "ldap_schema (string)" msgid "pac_check (string)" msgstr "ldap_schema (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -3463,24 +3470,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -3488,24 +3495,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -3517,7 +3524,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3528,41 +3535,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -3575,19 +3582,19 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "Opciones de configuración de la grabación de sesión" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3603,32 +3610,32 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "Se pueden usar estas opciones para configurar la grabación de sesión." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "\"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "NO se grabaron usuarios." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "\"some\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -3637,17 +3644,17 @@ msgstr "" "replaceable> y<replaceable>groups</replaceable> son grabados." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "\"all\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Se graban todos los usuarios." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -3656,17 +3663,17 @@ msgstr "" "grabación: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Predeterminado: \"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3678,17 +3685,17 @@ msgstr "" "mayúsculas/minúsculas, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Predeterminado: Vacío. No hay usuarios coincidentes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3700,7 +3707,7 @@ msgstr "" "minúsculas, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3713,65 +3720,65 @@ msgstr "" "pertenece el usuario." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Predeterminado: Vacío. No empareja grupos." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "users (string)" msgid "exclude_users (string)" msgstr "users (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 #, fuzzy #| msgid "Default: Empty. Matches no users." msgid "Default: Empty. No users excluded." msgstr "Predeterminado: Vacío. No hay usuarios coincidentes." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "groups (string)" msgid "exclude_groups (string)" msgstr "groups (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 #, fuzzy #| msgid "Default: Empty. Matches no groups." msgid "Default: Empty. No groups excluded." msgstr "Predeterminado: Vacío. No empareja grupos." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "SECCIONES DE DOMINIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3781,12 +3788,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "domain_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3799,7 +3806,7 @@ msgstr "" "disponibles para las interfaces y utilidades de sistema operativo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -3808,7 +3815,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3821,7 +3828,7 @@ msgstr "" "manvolnum> </citerefentry>) y el contestador PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -3830,7 +3837,7 @@ msgstr "" "<quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -3839,17 +3846,17 @@ msgstr "" "<quote>Dominios aplicación</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "Predeterminado: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id, max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3858,7 +3865,7 @@ msgstr "" "está fuera de estos límites, ésta es ignorada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3871,7 +3878,7 @@ msgstr "" "reportados como en espera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3880,17 +3887,17 @@ msgstr "" "devolviéndolas por nombre o ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Predeterminado: 1 para min_id, 0 (sin límite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerar (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3903,22 +3910,22 @@ msgstr "" "Este parámetros puede tener uno de los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Usuarios y grupos son enumerados" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Sin enumeraciones para este dominio" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Predeterminado: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3927,14 +3934,14 @@ msgstr "" "entradas de usuario y grupo del servidor remoto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 #, fuzzy #| msgid "" #| "Note: Enabling enumeration has a moderate performance impact on SSSD " @@ -3969,7 +3976,7 @@ msgstr "" "guardián interno." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3979,7 +3986,7 @@ msgstr "" "completen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3993,7 +4000,7 @@ msgstr "" "específico id_provider en uso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -4002,7 +4009,7 @@ msgstr "" "especialmente en entornos grandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -4010,32 +4017,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "Se enumerarán todos los dominios de confianza descubiertos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "No serán enumerados dominios de confianza descubiertos" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -4048,12 +4055,12 @@ msgstr "" "enumeración solo para estos dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -4062,7 +4069,7 @@ msgstr "" "volver a consultar al backend" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -4080,17 +4087,17 @@ msgstr "" "están en la caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Predeterminado: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -4099,19 +4106,19 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "Por defecto: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -4120,12 +4127,12 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -4134,12 +4141,12 @@ msgstr "" "válidas antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -4148,24 +4155,24 @@ msgstr "" "antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -4174,12 +4181,12 @@ msgstr "" "preguntar al backend otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -4188,12 +4195,12 @@ msgstr "" "automontaje válidos antes de preguntar al punto final otra vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -4202,24 +4209,24 @@ msgstr "" "cuanto guardar en caché la clave de host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -4229,7 +4236,7 @@ msgstr "" "expirados o a punto de hacerlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -4242,18 +4249,18 @@ msgstr "" "login), tanto la entrada usuario y la membresia de grupo son actualizados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" "Esta opción se hereda automáticamente para todos los dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "Usted puede considerar ajustar este valor a 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -4265,18 +4272,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "Predeterminado: 0 (deshabilitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -4287,7 +4294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -4296,12 +4303,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -4313,7 +4320,7 @@ msgstr "" "SHA512 en el caché." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -4323,12 +4330,12 @@ msgstr "" "bruta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -4341,17 +4348,17 @@ msgstr "" "grande o igual que offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Predeterminado: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -4364,17 +4371,17 @@ msgstr "" "configurar un proveedor de autorización para el backend." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Por defecto: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -4382,12 +4389,12 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "<quote>proxy</quote>: Soporta un proveedor NSS heredado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4399,7 +4406,7 @@ msgstr "" "grupos locales en SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4410,8 +4417,8 @@ msgstr "" "información sobre la configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 #, fuzzy #| msgid "" #| "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " @@ -4429,8 +4436,8 @@ msgstr "" "configuración de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4442,12 +4449,12 @@ msgstr "" "Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -4457,7 +4464,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -4471,7 +4478,7 @@ msgstr "" "command> lo haría." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -4483,24 +4490,24 @@ msgstr "" "cualificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "No devuelve miembros de grupo para búsquedas de grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -4519,7 +4526,7 @@ msgstr "" "devolver el grupo pedido como si estuviera vacío." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -4530,23 +4537,23 @@ msgstr "" "especialmente para grupos que contienen muchos miembros." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -4555,7 +4562,7 @@ msgstr "" "autenticación soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4566,7 +4573,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4577,7 +4584,7 @@ msgstr "" "citerefentry> para más información sobre la configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -4585,12 +4592,12 @@ msgstr "" "objetivo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> deshabilita la autenticación explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -4599,12 +4606,12 @@ msgstr "" "manejar las peticiones de autenticación." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -4615,7 +4622,7 @@ msgstr "" "proveedores especiales internos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -4624,12 +4631,12 @@ msgstr "" "sólo permitido para un dominio local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> siempre niega el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4642,7 +4649,7 @@ msgstr "" "configuración del módulo de acceso sencillo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4654,23 +4661,23 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> para transmitir control de acceso a otro módulo PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "Predeterminado: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4679,7 +4686,7 @@ msgstr "" "el dominio. Los proveedores de cambio de passweord soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4691,7 +4698,7 @@ msgstr "" "configuración de LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4702,7 +4709,7 @@ msgstr "" "citerefentry> para más información sobre configurar Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -4710,13 +4717,13 @@ msgstr "" "otros objetivos PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> deniega explícitamente los cambios en la contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4725,18 +4732,18 @@ msgstr "" "puede manejar las peticiones de cambio de password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "El proveedor SUDO usado por el dominio. Los proveedores SUDO soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4747,7 +4754,7 @@ msgstr "" "citerefentry> para más información sobre la configuración LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -4756,7 +4763,7 @@ msgstr "" "predeterminados IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -4765,19 +4772,19 @@ msgstr "" "predeterminados AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote>deshabilita SUDO explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Por defecto: el valor de <quote>id_provider</quote> se usa si está fijado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4794,7 +4801,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4808,12 +4815,12 @@ msgstr "" "desea usar sudo cn SSSD mas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4824,7 +4831,7 @@ msgstr "" "finalice. Los proveedores selinux soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4836,14 +4843,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> deshabilita ir a buscar los ajustes selinux " "explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -4852,12 +4859,12 @@ msgstr "" "manejar las peticiones de carga selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -4867,7 +4874,7 @@ msgstr "" "soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4879,7 +4886,7 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4892,18 +4899,18 @@ msgstr "" "configuración del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> deshabilita el buscador de subdominios explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "session_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4915,14 +4922,14 @@ msgstr "" "de sesiones soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote> para permitir llevar a cabo tareas relacionadas con la " "sesión de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -4930,7 +4937,7 @@ msgstr "" "de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -4939,12 +4946,12 @@ msgstr "" "llevar a cabo tareas relacionadas con la sesión de usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4952,7 +4959,7 @@ msgstr "" "son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4964,7 +4971,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4976,7 +4983,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4988,17 +4995,17 @@ msgstr "" "proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> deshabilita autofs explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -5007,7 +5014,7 @@ msgstr "" "proveedores de hostid soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -5019,31 +5026,31 @@ msgstr "" "configuración de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> deshabilita hostid explícitamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -5051,7 +5058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -5060,12 +5067,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -5080,7 +5087,7 @@ msgstr "" "dominios Active Directory, el nombre plano (NetBIOS) del dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 #, fuzzy #| msgid "" #| "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" @@ -5097,17 +5104,17 @@ msgstr "" "nombres de usuario:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "nombre de usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 #, fuzzy #| msgid "" #| "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" @@ -5126,12 +5133,12 @@ msgstr "" "nombres de usuario:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "dominio/nombre_de_usuario" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -5141,7 +5148,7 @@ msgstr "" "dominios Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -5151,17 +5158,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Predeterminado: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -5170,57 +5177,57 @@ msgstr "" "a usar cuando se lleven a cabo búsquedas DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "Valores soportados:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "ipv4_first: Intenta buscar dirección IPv4, si falla, intenta IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Sólo intenta resolver nombres de host a direccones IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "ipv6_first: Intenta buscar dirección IPv6, si falla, intenta IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Sólo intenta resolver nombres de host a direccones IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "Predeterminado: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -5229,19 +5236,19 @@ msgstr "" "información sobre la resolución del servicio." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "Predeterminado: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -5249,17 +5256,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Predeterminado: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -5272,14 +5279,14 @@ msgstr "" "trabajando en modo offline." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -5287,7 +5294,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -5295,17 +5302,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Predeterminado: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -5314,20 +5321,20 @@ msgstr "" "de dominio de la pregunta al descubridor de servicio DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Predeterminado: Utilizar la parte del dominio del nombre de host del equipo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "p11_wait_for_card_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "p11_wait_for_card_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -5335,61 +5342,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Predeterminado: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "Anula el valor primario GID con el especificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "case_sensitive (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "Distingue mayúsculas y minúsculas. Este valor es invalido para el proveedor " "AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "No sensible a mayúsculas minúsculas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -5401,14 +5408,14 @@ msgstr "" "protocolo) están en minúsculas en la salida." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 #, fuzzy #| msgid "" #| "The available options are: <placeholder type=\"variablelist\" id=\"0\"/>" @@ -5419,17 +5426,17 @@ msgstr "" "Las opciones disponibles son: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "Predeterminado: True (False para proveedor AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -5441,61 +5448,61 @@ msgstr "" "siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "ldap_search_timeout (integer)" msgid "ldap_search_timeout" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "ldap_network_timeout (integer)" msgid "ldap_network_timeout" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_offline_timeout" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 #, fuzzy #| msgid "ldap_purge_cache_timeout" msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -5504,71 +5511,71 @@ msgstr "" "explícitamente ldap_krb5_keytab)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 #, fuzzy #| msgid "ldap_krb5_ticket_lifetime (integer)" msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "ldap_enumeration_search_timeout (integer)" msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 #, fuzzy #| msgid "auto_private_groups (string)" msgid "auto_private_groups" msgstr "auto_private_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 #, fuzzy #| msgid "Case insensitive." msgid "case_sensitive" msgstr "No sensible a mayúsculas minúsculas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -5578,27 +5585,27 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "Aviso: Esta opción solo trabaja con el proveedor IPA y AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "flat (NetBIOS) nombre de un subdominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -5614,7 +5621,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -5622,17 +5629,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Por defecto: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -5640,12 +5647,12 @@ msgstr "" "este dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -5658,7 +5665,7 @@ msgstr "" "incorrectas, SSSD cae de nuevo a la autenticación en linea." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." @@ -5668,12 +5675,12 @@ msgstr "" "confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "El valor especial 0 implica que esta función está deshabilitada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -5684,14 +5691,14 @@ msgstr "" "gestionar <quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -5703,7 +5710,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -5715,7 +5722,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -5723,46 +5730,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy = match (default)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 #, fuzzy #| msgid "gdm-smartcard" msgid "Smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5771,7 +5778,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5782,7 +5789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -5790,31 +5797,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: mail" msgid "Default: match" msgstr "Predeterminado: mail" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "auto_private_groups (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." @@ -5823,7 +5830,7 @@ msgstr "" "usuario. El número GID se ignora en este caso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5836,12 +5843,12 @@ msgstr "" "unicidad den el espacio de ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "false" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." @@ -5850,12 +5857,12 @@ msgstr "" "a un objeto grupo en las base de datos LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "hybrid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5870,7 +5877,7 @@ msgstr "" "grupo, el GID primario del usuario se resuelve al de ese objeto grupo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." @@ -5879,7 +5886,7 @@ msgstr "" "una entrada de grupo, de otro modo el GID simplemente no se puede resolver." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5890,7 +5897,7 @@ msgstr "" "también desea retener los grupos privados existentes del usuario." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -5899,7 +5906,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." @@ -5908,7 +5915,7 @@ msgstr "" "POSIX IDs asignados y True para subdominios que usan mapeo de ID automático." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5918,7 +5925,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5930,7 +5937,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5944,7 +5951,7 @@ msgstr "" "type=\"programlisting\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -5956,17 +5963,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "El proxy de destino PAM próximo a." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 #, fuzzy #| msgid "" #| "Default: not set by default, you have to take an existing pam " @@ -5980,12 +5987,12 @@ msgstr "" "pam existente o crear una nueva y añadir el nombre de servicio aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -5996,12 +6003,12 @@ msgstr "" "_nss_$(libName)_$(function), por ejemplo _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -6009,12 +6016,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -6028,12 +6035,12 @@ msgstr "" "razones de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -6045,7 +6052,7 @@ msgstr "" "son encoladas." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -6054,12 +6061,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "Dominios de aplicaciones" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -6088,7 +6095,7 @@ msgstr "" "que opcionalmente herede ajustes de un dominio SSSD tradicional." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -6100,17 +6107,17 @@ msgstr "" "establecido correctamente." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "Parámetros de dominio de aplicación" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "inherit_from (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -6123,7 +6130,7 @@ msgstr "" "<quote>hermano</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -6138,7 +6145,7 @@ msgstr "" "cache y hace al atributo phone alcanzable a través del interfaz D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -6172,12 +6179,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "SECCIÓN DE DOMINIO DE CONFIANZA" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -6194,57 +6201,57 @@ msgstr "" "soportadas en la sección de dominio de confianza son:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "ldap_sasl_mech," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -6253,12 +6260,12 @@ msgstr "" "página de manual." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "SECCIÓN DE MAPEO DEL CERTIFICADO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -6280,7 +6287,7 @@ msgstr "" "usan autenticación PAM." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -6292,7 +6299,7 @@ msgstr "" "citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -6306,12 +6313,12 @@ msgstr "" "opciones:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "matchrule (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." @@ -6320,7 +6327,7 @@ msgstr "" "procesados, los demás son ignorados." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" @@ -6329,17 +6336,17 @@ msgstr "" "tengan Extended Key Usage <quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "maprule (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "Define como se encuentra un usuario desde un certificado dado." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." @@ -6348,21 +6355,20 @@ msgstr "" "como <quote>ldap</quote>, <quote>AD</quote> o <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" -"El RULE_NAME para el proveedor de <quote>ficheros</quote> que intenta " -"encontrar un usuario con el mismo nombre." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "domains (cadena)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -6375,17 +6381,17 @@ msgstr "" "usada para añadir la regla a los subdominios también." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "Predetermiado: el dominio configurado en sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "priority (entero)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -6396,12 +6402,12 @@ msgstr "" "más alte mientras que <quote>4294967295</quote> es la más baja." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "Predeterminado: la prioridad más baja" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" @@ -6411,7 +6417,7 @@ msgstr "" "propiedades especiales:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" @@ -6420,7 +6426,7 @@ msgstr "" "usuario coincidente" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -6433,17 +6439,17 @@ msgstr "" "short_name})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "la opción <quote>domains</quote> es ignorada" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "SECCIÓN DE CONFIGURACIÓN INICIAL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -6458,7 +6464,7 @@ msgstr "" "al usuario las credenciales apropiadas." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -6471,22 +6477,22 @@ msgstr "" "Las siguientes opciones deberían suministrar una mejor flexibilidad aquí." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "password_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "cambiar la cadena de solicitud de contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -6495,37 +6501,37 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "[prompting/2fa]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "para cambiar la cadena de la solicitud del primer factor" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "second_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "para cambiar la cadena de la solicitud para el segundo factor" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "single_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 #, fuzzy #| msgid "" #| "boolean value, if True there will be only a single prompt using the value " @@ -6542,7 +6548,7 @@ msgstr "" "única cadena" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -6551,7 +6557,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -6562,19 +6568,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 #, fuzzy #| msgid "[prompting/password]" msgid "[prompting/passkey]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -6582,47 +6588,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 #, fuzzy #| msgid "first_prompt" msgid "interactive_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 #, fuzzy #| msgid "to change the string of the password prompt" msgid "to change the message of the interactive prompt." msgstr "cambiar la cadena de solicitud de contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 #, fuzzy #| msgid "first_prompt" msgid "touch_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 #, fuzzy #| msgid "to change the string of the password prompt" msgid "to change the message of the touch prompt." msgstr "cambiar la cadena de solicitud de contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 #, fuzzy #| msgid "" #| "to configure two-factor authentication prompting, allowed options are: " @@ -6635,7 +6641,7 @@ msgstr "" "permitidas son: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 #, fuzzy #| msgid "" #| "Each supported authentication method has its own configuration subsection " @@ -6654,7 +6660,7 @@ msgstr "" "type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -6665,12 +6671,12 @@ msgstr "" "pregunta para este servicio." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "EJEMPLOS" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, fuzzy, no-wrap #| msgid "" #| "[sssd]\n" @@ -6748,7 +6754,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -6761,7 +6767,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -6771,7 +6777,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -6788,7 +6794,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, fuzzy, no-wrap #| msgid "" #| "[certmap/my.domain/rule_name]\n" @@ -6816,7 +6822,7 @@ msgstr "" "matchrule = <ISSUER>^CN=My-CA,DC=MY,DC=DOMAIN$<SUBJECT>^CN=User.Name,DC=MY,DC=DOMAIN$\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 #, fuzzy #| msgid "" #| "3. The following example shows the configuration for two certificate " @@ -7171,8 +7177,17 @@ msgstr "exop - Operación Extendida de Modificación de Contraseña (RFC 3062)" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "ldap_modify - Modificación directa de userPassword (no recomendado)." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -7185,75 +7200,75 @@ msgstr "" "el usuario debe haber escrito el atributo de acceos a userPassword." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "Predeterminado: exop" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "El enlazador DN por defecto a usar para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "El tipo de ficha de autenticación del enlazador DN por defecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "Los dos mecanismos actualmente soportados son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "Por defecto: contraseña" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -7266,12 +7281,12 @@ msgstr "" "usar mayúsculas reales." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -7280,12 +7295,12 @@ msgstr "" "escondrijo de los registros enumerados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -7296,7 +7311,7 @@ msgstr "" "para guardar espacio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -7310,12 +7325,12 @@ msgstr "" "correrá cada tres horas con la enumeración habilitada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -7327,7 +7342,7 @@ msgstr "" "esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -7343,7 +7358,7 @@ msgstr "" "conjunto de resultados de la búsqueda origina si se requiere." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -7359,12 +7374,12 @@ msgstr "" "grupos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "Predeterminado: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -7374,23 +7389,23 @@ msgstr "" "posteriores." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "Predeterminado: True para AD e IPA en otro caso False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "Opcional. Usa la cadena dada como base de búsqueda para objetos host." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -7399,32 +7414,32 @@ msgstr "" "de múltiples bases de búsqueda." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Predeterminado: el valor de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -7435,7 +7450,7 @@ msgstr "" "escondidos devueltos (y se entra en modo fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -7446,12 +7461,12 @@ msgstr "" "espera para tipos específicos de búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -7463,12 +7478,12 @@ msgstr "" "fuera de línea)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -7485,12 +7500,12 @@ msgstr "" "citerefentry> vuelve en caso de no actividad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -7504,12 +7519,12 @@ msgstr "" "cambio extendido de contraseña y las operación StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -7522,7 +7537,7 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -7533,38 +7548,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "Predeterminado: 900 (15 minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_expire_timeout (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 #, fuzzy #| msgid "" #| "Specifies a timeout (in seconds) that a connection to an LDAP server will " @@ -7582,17 +7597,17 @@ msgstr "" "temprano (este valor contra el tiempo de vida TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -7601,12 +7616,12 @@ msgstr "" "Algunos servidores LDAP hacen cumplir un límite máximo por petición." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -7617,7 +7632,7 @@ msgstr "" "RootDSE pero no está habilitado o no se comporta apropiadamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -7627,7 +7642,7 @@ msgstr "" "pero es incapaz de usarlo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -7638,17 +7653,17 @@ msgstr "" "puede ocasionar que algunas peticiones sean denegadas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "Deshabilitar la recuperación del rango de Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -7664,12 +7679,12 @@ msgstr "" "miembros." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -7680,19 +7695,19 @@ msgstr "" "de esta opción son definidos por OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Por defecto: Usa el sistema por defecto (normalmente especificado por ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -7700,12 +7715,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -7716,7 +7731,7 @@ msgstr "" "deference. Si hay menos miembros desaparecidos, se buscarán individualmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -7733,7 +7748,7 @@ msgstr "" "lo soporta y auncia el control de la desreferencia en el objeto rootDSE." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -7746,7 +7761,7 @@ msgstr "" "soportados son 389/RHDS, OpenLDAP y Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -7757,14 +7772,14 @@ msgstr "" "será deshabilitado sin tener en cuenta este ajuste." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 #, fuzzy #| msgid "ad_gpo_ignore_unreadable (boolean)" msgid "ldap_ignore_unreadable_references (bool)" msgstr "ad_gpo_ignore_unreadable (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -7772,7 +7787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -7780,12 +7795,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -7795,7 +7810,7 @@ msgstr "" "los siguientes valores:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -7804,7 +7819,7 @@ msgstr "" "certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7815,7 +7830,7 @@ msgstr "" "certificado malo, será ignorado y la sesión continua normalmente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7826,7 +7841,7 @@ msgstr "" "certificado malo, la sesión se termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -7837,22 +7852,22 @@ msgstr "" "termina inmediatamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Igual que <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "Predeterminado: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -7861,7 +7876,7 @@ msgstr "" "de Certificación que <command>sssd</command> reconocerá." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -7870,12 +7885,12 @@ msgstr "" "etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -7897,33 +7912,33 @@ msgstr "" "para crear los nombres correctos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" "Especifica el fichero que contiene el certificado para la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "Especifica el archivo que contiene la clave del cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7934,12 +7949,12 @@ msgstr "" "conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 #, fuzzy #| msgid "" #| "Specifies that the id_provider connection must also use <systemitem " @@ -7953,12 +7968,12 @@ msgstr "" "<systemitem class=\"protocol\">tls</systemitem> para proteger el canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7969,18 +7984,18 @@ msgstr "" "ldap_user_uid_number y ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Actualmente está función soporta sólo mapeos de objectSID de ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7998,17 +8013,17 @@ msgstr "" "el servidor. Los subdominios pueden elegir otros rangos para asignar IDs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "Predeterminado: no establecido (ambas opciones se establecen a 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." @@ -8017,7 +8032,7 @@ msgstr "" "soportados GSSAPI y GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -8034,12 +8049,12 @@ msgstr "" "manvolnum></citerefentry> para más detalles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -8059,7 +8074,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -8079,17 +8094,17 @@ msgstr "" "principal en la pestaña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "Por defecto: host/nombre_de_host@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -8100,17 +8115,17 @@ msgstr "" "reino también, esta opción se ignora." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "Por defecto: el valor de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -8119,34 +8134,34 @@ msgstr "" "para para canocalizar el nombre de host durante una unión SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Predeterminado: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "Especifica la pestaña a usar cuando se utiliza SASL/GSSAPI/GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Por defecto: Keytab del sistema, normalmente <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -8157,12 +8172,12 @@ msgstr "" "es GSSAPI o GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" @@ -8170,17 +8185,17 @@ msgstr "" "SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Predeterminado: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -8199,7 +8214,7 @@ msgstr "" "información, vea la sección <quote>SERVICE DISCOVERY</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -8210,7 +8225,7 @@ msgstr "" "regresa a _tcp si no se encuentra nada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -8222,30 +8237,30 @@ msgstr "" "configuración para usar <quote>krb5_server</quote> en su lugar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" "Especifica el REALM Kerberos (para autorización SASL/GSSAPI/GSS-SPNEGO)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Predeterminado: Predeterminados del sistema, vea <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -8254,12 +8269,12 @@ msgstr "" "servidor LDAP. Esta función está disponible con MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -8274,7 +8289,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -8286,12 +8301,12 @@ msgstr "" "localizador." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -8300,7 +8315,7 @@ msgstr "" "del cliente. Los siguientes valores son permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -8309,7 +8324,7 @@ msgstr "" "no puede deshabilitar las políticas de password en el lado servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 #, fuzzy #| msgid "" #| "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" @@ -8326,7 +8341,7 @@ msgstr "" "manvolnum></citerefentry> para evaluar si la contraseña ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -8338,7 +8353,7 @@ msgstr "" "password." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -8348,19 +8363,19 @@ msgstr "" "establecida por esta opción." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Especifica si el seguimiento de referencias automático debería ser " "habilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -8369,7 +8384,7 @@ msgstr "" "está compilado con OpenLDAP versión 2.4.13 o más alta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 #, fuzzy #| msgid "" #| "Chasing referrals may incur a performance penalty in environments that " @@ -8392,29 +8407,29 @@ msgstr "" "esta opción a false le llevará a una notable mejora de rendimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Especifica el nombre del servicio para utilizar cuando está habilitado el " "servicio de descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "Predeterminado: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -8424,17 +8439,17 @@ msgstr "" "descubrimiento." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Por defecto: no fijado, esto es servicio descubridor deshabilitado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -8443,7 +8458,7 @@ msgstr "" "desde el Epoch después de una operación de cambio de contraseña." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -8452,12 +8467,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -8485,12 +8500,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Ejemplo:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -8502,7 +8517,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -8511,7 +8526,7 @@ msgstr "" "usuarios cuyo atributo employeeType esté establecido a \"admin\"." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -8524,17 +8539,17 @@ msgstr "" "se les seguirán otorgando acceso sin conexión y viceversa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "Predeterminado: vacío" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -8543,7 +8558,7 @@ msgstr "" "control de acceso del lado cliente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -8554,12 +8569,12 @@ msgstr "" "una código de error definible aunque el password sea correcto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "Los siguientes valores están permitidos:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -8568,7 +8583,7 @@ msgstr "" "determinar si la cuenta ha expirado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -8581,7 +8596,7 @@ msgstr "" "se comprueba el tiempo de expiración de la cuenta." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -8592,7 +8607,7 @@ msgstr "" "el acceso o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -8605,7 +8620,7 @@ msgstr "" "permitido. Si ambos atributos están desaparecidos se concede el acceso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -8616,24 +8631,24 @@ msgstr "" "la opción ldap_account_expire_policy funcione." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Lista separada por coma de opciones de control de acceso. Los valores " "permitidos son:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filtro</emphasis>: utilizar ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8649,7 +8664,7 @@ msgstr "" "funciones." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -8659,7 +8674,7 @@ msgstr "" "</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8681,12 +8696,12 @@ msgstr "" "estar establecido para que esta característica funcione." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -8701,31 +8716,31 @@ msgstr "" "método distinto a las contraseñas - por ejemplo claves SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 #, fuzzy #| msgid "" #| "Please note that 'access_provider = ldap' must be set for this feature to " @@ -8741,7 +8756,7 @@ msgstr "" "para una política de contraseña apropiada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -8750,13 +8765,13 @@ msgstr "" "autorizedService para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: usa el atributo host para determinar el acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -8765,7 +8780,7 @@ msgstr "" "host remoto puede acceder" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -8775,12 +8790,12 @@ msgstr "" "opción de control de acceso" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Predeterminado: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -8789,12 +8804,12 @@ msgstr "" "una vez." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -8808,22 +8823,22 @@ msgstr "" "LDAP no pueden verificarse correctamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Ejemplo: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Predeterminado: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -8832,13 +8847,13 @@ msgstr "" "lleva a cabo una búsqueda. Están permitidas las siguientes opciones:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: Nunca serán eliminadas las referencias al alias." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -8848,7 +8863,7 @@ msgstr "" "búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -8857,7 +8872,7 @@ msgstr "" "cuando se localice el objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -8866,7 +8881,7 @@ msgstr "" "para la búsqueda como en la localización del objeto base de la búsqueda." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -8875,12 +8890,12 @@ msgstr "" "librerías cliente LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -8889,7 +8904,7 @@ msgstr "" "servidores que usan el esquema RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -8907,7 +8922,7 @@ msgstr "" "llamadas getpw*() o initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -8918,12 +8933,12 @@ msgstr "" "initgroups() aumentará los usuarios locales con los grupos LDAP adicionales." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -8932,53 +8947,53 @@ msgstr "" "descargadas durante una búsqueda de comodín." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "En este momento solo el respondedor InfoPipe soporta búsqueda de comodín" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "Predeterminado: 1000 (frecuentemente el tamaño de una página)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "debug_level (integer)" msgid "ldap_library_debug_level (integer)" msgstr "debug_level (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 #, fuzzy #| msgid "Default: 0 (disabled)" msgid "Default: 0 (libldap debugging disabled)" msgstr "Predeterminado: 0 (deshabilitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "ldap_id_mapping (boolean)" msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_id_mapping (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -8986,14 +9001,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -9024,12 +9039,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "OPCIONES SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -9040,12 +9055,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -9055,7 +9070,7 @@ msgstr "" "servidor)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -9064,24 +9079,24 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "Por defecto: 21600 (6 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -9093,7 +9108,7 @@ msgstr "" "actualmente SSSD)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -9102,7 +9117,7 @@ msgstr "" "atributo modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -9118,21 +9133,21 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout</emphasis>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_idmap_range_size (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -9140,7 +9155,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -9148,17 +9163,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -9167,12 +9182,12 @@ msgstr "" "máquina (usando las direcciones de host/red y nombres de host IPv4 o IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -9181,7 +9196,7 @@ msgstr "" "totalmente cualificados que sería usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -9190,8 +9205,8 @@ msgstr "" "nombre de dominio totalmente cualificado automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -9200,17 +9215,17 @@ msgstr "" "emphasis> esta opción no tiene efecto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "Por defecto: no especificado" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -9219,7 +9234,7 @@ msgstr "" "usada para filtrar las reglas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -9228,12 +9243,12 @@ msgstr "" "automáticamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -9242,12 +9257,12 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -9256,7 +9271,7 @@ msgstr "" "atributo sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" @@ -9265,7 +9280,7 @@ msgstr "" "del servidor LDAP!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -9278,12 +9293,12 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "OPCIONES AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -9292,47 +9307,47 @@ msgstr "" "esquema LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "El nombre del mapa maestro de montaje automático en LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "Pfredeterminado: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "OPCIONES AVANZADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -9345,22 +9360,22 @@ msgstr "" "función, si los nombres de grupo no están siendo visualizados correctamente." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -9373,14 +9388,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "EJEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -9391,7 +9406,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9411,20 +9426,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "EJEMPLO DE FILTRO DE ACCESO LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -9433,7 +9448,7 @@ msgstr "" "ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9459,13 +9474,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -12142,7 +12157,7 @@ msgstr "" "este host. El nombre de host debe ser totalmente cualificado." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booleano)" @@ -12162,7 +12177,7 @@ msgstr "" "otra manera utilizando la opción <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -12183,12 +12198,12 @@ msgstr "" "usar <emphasis>dyndns_update</emphasis> en su fichero de configuración." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -12215,12 +12230,12 @@ msgid "Default: 1200 (seconds)" msgstr "Por defecto: 1200 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -12253,17 +12268,17 @@ msgstr "" "conexión IPA LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Ejemplo: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "dyndns_auth (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -12274,19 +12289,19 @@ msgstr "" "se pueden enviar fijando esta opción a 'none'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "Predeterminado: GSS-TSIG" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 #, fuzzy #| msgid "dyndns_auth (string)" msgid "dyndns_auth_ptr (string)" msgstr "dyndns_auth (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 #, fuzzy #| msgid "" #| "Whether the nsupdate utility should use GSS-TSIG authentication for " @@ -12302,7 +12317,7 @@ msgstr "" "se pueden enviar fijando esta opción a 'none'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -12339,7 +12354,7 @@ msgstr "" "tradicional SRV son usados como servidores de respaldo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entero)" @@ -12356,12 +12371,12 @@ msgstr "" "dyndns_update está a true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -12381,7 +12396,7 @@ msgstr "" "se cambian los registros que envía." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -12393,12 +12408,12 @@ msgid "Default: False (disabled)" msgstr "Predeterminado: False (deshabilitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -12407,17 +12422,17 @@ msgstr "" "comunica con el servidor DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Predeterminado: False (permitir a nsupdate elegir el protocolol)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "dyndns_server (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -12427,35 +12442,60 @@ msgstr "" "establecer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 +#, fuzzy +#| msgid "" +#| "Setting this option makes sense for environments where the DNS server is " +#| "different from the identity server." msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." msgstr "" "El establecimiento de esta opción tiene sentido en entornos donde el " "servidor DNS es distinto del servidor de identidad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 +#, fuzzy +#| msgid "" +#| "Please note that this option will be only used in fallback attempt when " +#| "previous attempt using autodetected settings failed." msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" "Tenga en cuenta que esta opción solo se usará en un intento de recuperación " "cuando el intento anterior de usar la configuración autodetectada falló." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "Predeterminado: None (permitir a nsupdate elegir el servidor)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "dyndns_update_per_family (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -12466,21 +12506,88 @@ msgstr "" "ser deseable llevar a cabo la actualización IPv4 e IPv6 en un único paso." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +#, fuzzy +#| msgid "Default: None (let nsupdate choose the server)" +msgid "Default: None (use global certificate store)" +msgstr "Predeterminado: None (permitir a nsupdate elegir el servidor)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: not set (no substitution for unset home directories)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "" +"Por defecto: no fijado (sin sustitución para los directorios home no fijados)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_auth (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_auth (cadena)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "ldap_access_order (string)" msgid "ipa_access_order (string)" msgstr "ldap_access_order (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 #, fuzzy #| msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "<emphasis>caducar</emphasis>: utilizar ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 #, fuzzy #| msgid "" #| "Please note that 'access_provider = ldap' must be set for this feature to " @@ -12495,12 +12602,12 @@ msgstr "" "para una política de contraseña apropiada." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_deskprofile_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." @@ -12509,19 +12616,19 @@ msgstr "" "relacionados con Desktop Profile." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "Predeterminado: Utilizar DN base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 #, fuzzy #| msgid "ipa_subdomains_search_base (string)" msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subdomains_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for Desktop Profile related " @@ -12534,98 +12641,98 @@ msgstr "" "relacionados con Desktop Profile." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 #, fuzzy #| msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "Por defecto: el valor de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Opcional. Usa la cadena dada como base de búsqueda para los objetos HBAC " "relacionados." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "Obsoleto. Usa en su lugar ldap_host_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (cadena)Opcional. " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Opcional. Usa la cadena dada como base de búsqueda para los mapas de usuario " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Opcional: Usa la cadena dada como base de búsqueda de dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Por defecto: el valor de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Opcional: Usa la cadena dada como base de búsqueda para el objeto maestro de " "dominio." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Por defecto: el valor de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" "Opcional. Usa la cadena dada como base de búsqueda de contenedores de vista." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" "Predeterminado: el valor de <emphasis>cn=views,cn=accounts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -12634,7 +12741,7 @@ msgstr "" "de <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -12643,12 +12750,12 @@ msgstr "" "convertido hacia la base DN para usarlo para llevar a cabo operaciones LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -12657,7 +12764,7 @@ msgstr "" "configuración de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -12666,7 +12773,7 @@ msgstr "" "parámetro a 'none'." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -12674,12 +12781,12 @@ msgstr "" "pubconf de SSSD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_deskprofile_refresh (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -12690,17 +12797,17 @@ msgstr "" "hay muchas solicitudes de perfiles de escritorio en un período corto." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "Predeterminado: 5 (segundos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "ipa_deskprofile_request_interval (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." @@ -12710,17 +12817,17 @@ msgstr "" "regla." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "Predeterminado: 60 (minutos)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -12731,12 +12838,12 @@ msgstr "" "muchas peticiones de control de acceso hechas en un corto período." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (entero)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -12747,12 +12854,12 @@ msgstr "" "hay muchas peticiones de acceso de usuario hechas en un corto período." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." @@ -12761,7 +12868,7 @@ msgstr "" "automáticamente y denota si SSSD está corriendo sobre un servidor IPA o no." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." @@ -12771,7 +12878,7 @@ msgstr "" "servidor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." @@ -12780,7 +12887,7 @@ msgstr "" "se ejecuta en un servidor IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -12791,7 +12898,7 @@ msgstr "" "instalador IPA de modo que no se necesitan cambios manuales." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." @@ -12800,52 +12907,52 @@ msgstr "" "solo nombres cortos de los usuarios de los dominios de confianza." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (cadena)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "La localización del automontador de este cliente IPA que será usada" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "Por defecto: La localización llamada “default”" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "VISTAS Y ANULACIONES" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "ipa_view_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "Objectclass del contenedorde vistas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "Predeterminado: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "ipa_view_name (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "Nombre del atributo que contiene el nombre de la vista." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -12853,27 +12960,27 @@ msgid "Default: cn" msgstr "Predeterminado: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "ipa_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "Objectclass de los objetos anulados." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "Predeterminado: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." @@ -12882,17 +12989,17 @@ msgstr "" "dominio remoto." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "Predeterminado: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -12901,57 +13008,57 @@ msgstr "" "si el objeto anulado encontrado está relacionado con un usuario o un grupo." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "Las anulaciones de usuario pueden contener atributos dados por" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "Predeterminado: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (cadena)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -12960,27 +13067,27 @@ msgstr "" "objeto anulado encontrado está relacionado con un usuario o un grupo." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "Las anulaciones de grupo pueden contener atributos dados por" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "Predeterminado: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -12995,12 +13102,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "PROVEEDOR DE SUBDOMINIOS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -13009,7 +13116,7 @@ msgstr "" "si está configurado explícitamente o implícitamente." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -13021,7 +13128,7 @@ msgstr "" "de IPA si es necesario." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -13041,12 +13148,12 @@ msgstr "" "otra vez." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "CONFIGURACIÓN DE DOMINIOS DE CONFIANZA" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -13056,7 +13163,7 @@ msgstr "" "ad_server = dc.ad.domain.com\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -13066,14 +13173,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." @@ -13083,12 +13190,12 @@ msgstr "" "IPA o un cliente IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "OPCIONES AJUSTABLES EN IPA MAESTROS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" @@ -13096,42 +13203,42 @@ msgstr "" "un IPA maestro:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "OPCIONES AJUSTABLES SOBRE CLIENTES IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" @@ -13139,7 +13246,7 @@ msgstr "" "sobre un cliente IPA:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." @@ -13148,7 +13255,7 @@ msgstr "" "<quote>ad_server</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -13172,7 +13279,7 @@ msgstr "" "localizador Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -13183,7 +13290,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -14521,6 +14628,13 @@ msgstr "sudo_include_netgroups (booleano)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +#, fuzzy +#| msgid "This option can also be set per-domain." +msgid "This option is deprecated." +msgstr "Esta opción puede ser también fijada por dominio." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -14531,7 +14645,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -14546,7 +14660,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -14558,7 +14672,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -14569,19 +14683,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -14591,7 +14705,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -14602,7 +14716,7 @@ msgstr "" "Este ejemplo muestra sólo las opciones específicas del proveedor AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -14626,7 +14740,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -14638,7 +14752,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -14649,7 +14763,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -14659,7 +14773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -20792,9 +20906,14 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 +#, fuzzy +#| msgid "" +#| "The SSSD ID-mapping algorithm takes a range of available UIDs and divides " +#| "it into equally-sized component sections - called \"slices\"-. Each slice " +#| "represents the space available to an Active Directory domain." msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" "El algoritmo de asignación de ID de SSSD tiene un rango de UIDs disponibles " @@ -20982,7 +21101,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> @@ -21996,6 +22115,13 @@ msgid "" "feature is available with MIT Kerberos 1.7 and later versions." msgstr "" +#~ msgid "" +#~ "The RULE_NAME for the <quote>files</quote> provider which tries to find a " +#~ "user with the same name." +#~ msgstr "" +#~ "El RULE_NAME para el proveedor de <quote>ficheros</quote> que intenta " +#~ "encontrar un usuario con el mismo nombre." + #~ msgid "reconnection_retries (integer)" #~ msgstr "reconnection_retries (entero)" diff --git a/src/man/po/eu.po b/src/man/po/eu.po index 3fffc28975f..a50b655e28a 100644 --- a/src/man/po/eu.po +++ b/src/man/po/eu.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2014-12-14 11:55-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Basque (http://www.transifex.com/projects/p/sssd/language/" @@ -116,17 +116,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -134,7 +134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -143,7 +143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -156,39 +156,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -197,62 +197,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -262,15 +262,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -282,17 +282,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -300,33 +300,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -335,7 +335,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -344,7 +344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -352,12 +352,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -368,19 +368,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -388,12 +388,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -401,70 +401,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -472,7 +472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -480,52 +480,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -533,14 +533,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -550,17 +550,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -570,7 +577,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -583,8 +590,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -592,12 +599,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -607,7 +614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -616,22 +623,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -639,12 +646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -652,61 +659,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -714,12 +721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -727,24 +734,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -753,12 +760,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -767,7 +774,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -775,58 +782,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -837,7 +844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -855,18 +862,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -874,12 +881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -887,24 +894,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -912,7 +919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -920,7 +927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -931,12 +938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -945,22 +952,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -970,17 +977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -990,17 +997,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1011,14 +1018,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1026,44 +1033,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1072,58 +1079,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 msgid "Default: 3600" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1135,58 +1142,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1194,7 +1201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1204,7 +1211,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1213,17 +1220,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1231,17 +1238,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1249,17 +1256,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1268,7 +1275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1277,41 +1284,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1319,23 +1326,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1343,47 +1350,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1391,113 +1398,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1505,25 +1512,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1531,19 +1538,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1551,12 +1558,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1565,12 +1572,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1581,43 +1588,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1626,60 +1633,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1687,59 +1694,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1748,51 +1755,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1803,23 +1810,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1827,7 +1834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1836,17 +1843,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1854,32 +1861,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1889,75 +1896,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1965,19 +1972,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1985,46 +1992,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2032,34 +2039,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2069,7 +2076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2077,59 +2084,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2137,7 +2144,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2149,63 +2156,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2213,12 +2220,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2229,7 +2236,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2237,7 +2244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2245,7 +2252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2254,47 +2261,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2303,30 +2310,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2334,7 +2341,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2342,22 +2349,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2365,19 +2372,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2385,7 +2392,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2400,7 +2407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2408,45 +2415,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2454,7 +2461,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2462,17 +2469,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2483,24 +2490,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2510,22 +2517,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2533,51 +2540,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2586,12 +2593,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2601,7 +2608,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2609,7 +2616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2618,38 +2625,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2660,7 +2667,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2671,24 +2678,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2696,19 +2703,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2717,7 +2724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2726,24 +2733,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2754,24 +2761,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2779,24 +2786,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2808,7 +2815,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2819,60 +2826,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2882,66 +2889,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2949,17 +2956,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2967,7 +2974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2976,57 +2983,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3036,12 +3043,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3050,14 +3057,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3066,38 +3073,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3106,24 +3113,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3132,36 +3139,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3175,14 +3182,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3191,14 +3198,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3206,32 +3213,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3240,19 +3247,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3263,139 +3270,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3404,17 +3411,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3426,18 +3433,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3448,7 +3455,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3457,12 +3464,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3470,19 +3477,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3491,17 +3498,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3510,28 +3517,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3539,7 +3546,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3547,8 +3554,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3556,8 +3563,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3565,19 +3572,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3586,7 +3593,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3594,24 +3601,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3623,7 +3630,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3631,30 +3638,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3662,7 +3669,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3670,30 +3677,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3701,19 +3708,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3722,7 +3729,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3730,29 +3737,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3760,7 +3767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3768,35 +3775,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3804,32 +3811,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3840,7 +3847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3849,12 +3856,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3862,7 +3869,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3870,31 +3877,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3902,7 +3909,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3911,17 +3918,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3929,36 +3936,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3966,7 +3973,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3974,7 +3981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3982,24 +3989,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4007,31 +4014,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4039,7 +4046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4048,12 +4055,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4063,24 +4070,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4089,19 +4096,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4111,89 +4118,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4201,17 +4208,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4220,12 +4227,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4233,7 +4240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4241,34 +4248,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4276,57 +4283,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 msgid "Default: 31" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4334,31 +4341,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4366,104 +4373,104 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4471,27 +4478,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4501,34 +4508,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4537,19 +4544,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4557,12 +4564,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4574,7 +4581,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4586,7 +4593,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4594,42 +4601,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4638,7 +4645,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4649,7 +4656,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4657,36 +4664,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 msgid "Default: match" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4695,24 +4702,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4722,14 +4729,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4737,21 +4744,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4759,7 +4766,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4768,7 +4775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4777,7 +4784,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4785,17 +4792,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4803,12 +4810,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4816,12 +4823,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4829,12 +4836,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4843,12 +4850,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4856,19 +4863,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4885,7 +4892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4893,17 +4900,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4912,7 +4919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4922,7 +4929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4942,12 +4949,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4958,69 +4965,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5033,7 +5040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5041,7 +5048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5050,55 +5057,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5107,17 +5115,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5125,26 +5133,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5153,17 +5161,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5173,7 +5181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5182,59 +5190,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5243,7 +5251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5252,7 +5260,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5263,17 +5271,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5281,46 +5289,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5329,7 +5337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5337,12 +5345,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5371,7 +5379,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5380,7 +5388,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5388,7 +5396,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5399,7 +5407,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5410,7 +5418,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5680,8 +5688,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5690,74 +5707,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5766,24 +5783,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5791,7 +5808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5800,12 +5817,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5813,7 +5830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5823,7 +5840,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5833,67 +5850,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5901,7 +5918,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5909,12 +5926,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5922,12 +5939,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5938,12 +5955,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5952,12 +5969,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5966,7 +5983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -5977,36 +5994,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6014,29 +6031,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6044,14 +6061,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6059,17 +6076,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6079,12 +6096,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6092,17 +6109,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6110,12 +6127,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6123,7 +6140,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6134,7 +6151,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6143,7 +6160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6151,12 +6168,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6164,7 +6181,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6172,26 +6189,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6199,7 +6216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6207,7 +6224,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6215,41 +6232,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6259,32 +6276,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6292,12 +6309,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6305,12 +6322,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6318,17 +6335,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6339,24 +6356,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6367,12 +6384,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6385,7 +6402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6397,17 +6414,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6415,49 +6432,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6465,28 +6482,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6498,7 +6515,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6506,7 +6523,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6514,39 +6531,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6556,7 +6573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6564,26 +6581,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6592,7 +6609,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6600,31 +6617,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6637,51 +6654,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6690,12 +6707,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6711,12 +6728,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6725,14 +6742,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6741,24 +6758,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6766,19 +6783,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6787,7 +6804,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6795,7 +6812,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6804,7 +6821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6812,22 +6829,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6837,14 +6854,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6857,12 +6874,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6872,31 +6889,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6904,50 +6921,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6956,74 +6973,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7034,7 +7051,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7042,58 +7059,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7101,12 +7118,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7129,12 +7146,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7142,43 +7159,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7186,14 +7203,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7203,19 +7220,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7223,7 +7240,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7231,106 +7248,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7339,59 +7356,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7400,22 +7417,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7424,14 +7441,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7439,7 +7456,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7452,27 +7469,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7488,13 +7505,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9733,7 +9750,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9748,7 +9765,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9763,12 +9780,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9789,12 +9806,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9818,17 +9835,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9836,17 +9853,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9854,7 +9871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9881,7 +9898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9894,12 +9911,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9913,7 +9930,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9925,60 +9942,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9986,177 +10020,233 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +msgid "dyndns_dot_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10164,34 +10254,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10199,12 +10289,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10212,33 +10302,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10246,59 +10336,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10306,128 +10396,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10437,19 +10527,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10457,7 +10547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10469,12 +10559,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10482,7 +10572,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10492,80 +10582,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10579,7 +10669,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10587,7 +10677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11713,6 +11803,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11723,7 +11818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11738,7 +11833,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11750,7 +11845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11761,19 +11856,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11783,7 +11878,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11791,7 +11886,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11806,7 +11901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11815,7 +11910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11823,7 +11918,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11833,7 +11928,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17392,7 +17487,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17537,7 +17632,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/fi.po b/src/man/po/fi.po index 9201be2ddf5..d4d5694bea8 100644 --- a/src/man/po/fi.po +++ b/src/man/po/fi.po @@ -3,7 +3,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2022-03-20 19:16+0000\n" "Last-Translator: Jan Kuparinen <copper_fin@hotmail.com>\n" "Language-Team: Finnish <https://translate.fedoraproject.org/projects/sssd/" @@ -112,17 +112,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -130,7 +130,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -139,7 +139,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -152,39 +152,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -193,62 +193,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Oletus:tosi" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Oletus:epätosi" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "debug_backtrace_enabled (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -258,15 +258,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -278,17 +278,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -296,33 +296,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "palvelut" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -331,7 +331,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -340,7 +340,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -348,12 +348,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "toimialueet" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -364,19 +364,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -384,12 +384,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -397,58 +397,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "käyttäjänimi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." @@ -457,12 +457,12 @@ msgstr "" "tunnistaakseen, milloin sen on päivitettävä sisäinen DNS-selvittäjä." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -470,7 +470,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -478,26 +478,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -506,26 +506,26 @@ msgstr "" "toiston välimuistitiedostot." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -533,14 +533,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -550,17 +550,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -570,7 +577,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -583,8 +590,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -592,12 +599,12 @@ msgid "Default: not set" msgstr "Oletus: ei asetettu" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -607,7 +614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -616,22 +623,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "Oletus: ei asetettu(välilyöntejä ei korvata)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -639,12 +646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -652,61 +659,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -714,12 +721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -727,24 +734,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -753,12 +760,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -767,7 +774,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -775,58 +782,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -837,7 +844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -855,18 +862,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "Oletus: ei asetettu" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -874,12 +881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -887,24 +894,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -912,7 +919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -920,7 +927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -931,12 +938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -945,22 +952,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -970,17 +977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -990,17 +997,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1011,14 +1018,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1026,44 +1033,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "offline_timeout_max (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1072,58 +1079,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 msgid "Default: 3600" msgstr "Oletus: 3600" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout_random_offset (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "Oletus: 30" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1135,58 +1142,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1194,7 +1201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1204,7 +1211,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1213,17 +1220,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1231,17 +1238,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1249,17 +1256,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1268,7 +1275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1277,41 +1284,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1319,23 +1326,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Esimerkki: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1343,47 +1350,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1391,113 +1398,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "Oletuskomentorivitulkki" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "memcache_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "memcache_size_passwd (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1505,25 +1512,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "memcache_size_group (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1531,19 +1538,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "memcache_size_initgroups (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1551,14 +1558,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "memcache_size_passwd (integer)" msgid "memcache_size_sid (integer)" msgstr "memcache_size_passwd (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1567,12 +1574,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1583,43 +1590,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "Oletus: <quote>*</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1628,60 +1635,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1689,59 +1696,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1750,51 +1757,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1805,23 +1812,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1829,7 +1836,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1838,17 +1845,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1856,32 +1863,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1891,75 +1898,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Oletus: ei mitään" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1967,19 +1974,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1987,46 +1994,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Oletus:tosi" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Oletus:epätosi" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2034,34 +2041,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "Oletus:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2071,7 +2078,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2081,61 +2088,61 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "entry_cache_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "entry_cache_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2143,7 +2150,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2155,63 +2162,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "kirjautuminen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2219,12 +2226,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2235,7 +2242,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2243,7 +2250,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2251,7 +2258,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2260,47 +2267,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "aina" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "Ei koskaan" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2309,30 +2316,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2340,7 +2347,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2350,22 +2357,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Esimerkki: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2373,19 +2380,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2393,7 +2400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2408,7 +2415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2416,45 +2423,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2462,7 +2469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2470,17 +2477,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "Oletus: ei asetettu(todennusindikaattoreiden käyttöä ei vaadita)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2491,24 +2498,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2518,22 +2525,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2541,51 +2548,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2594,12 +2601,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2609,7 +2616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2617,7 +2624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2626,38 +2633,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2668,7 +2675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2679,24 +2686,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2704,19 +2711,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2725,7 +2732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2734,24 +2741,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2762,26 +2769,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 #, fuzzy #| msgid "present" msgid "pac_present" msgstr "nykyinen" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2789,24 +2796,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2818,7 +2825,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2829,60 +2836,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2892,66 +2899,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2959,17 +2966,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2977,7 +2984,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2986,57 +2993,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "käytössä" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3046,12 +3053,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3060,14 +3067,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3076,38 +3083,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3116,24 +3123,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3142,36 +3149,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3185,14 +3192,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3201,14 +3208,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3216,32 +3223,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "kaikki" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "Ei mitään" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3250,19 +3257,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3273,139 +3280,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3414,17 +3421,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3436,18 +3443,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3458,7 +3465,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3467,12 +3474,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3480,19 +3487,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3501,17 +3508,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3520,28 +3527,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3549,7 +3556,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3557,8 +3564,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3566,8 +3573,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3575,19 +3582,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3596,7 +3603,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3604,24 +3611,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3633,7 +3640,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3641,30 +3648,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3672,7 +3679,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3680,30 +3687,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3711,19 +3718,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3732,7 +3739,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3740,29 +3747,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3770,7 +3777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3778,35 +3785,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3814,32 +3821,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3850,7 +3857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3859,12 +3866,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3872,7 +3879,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3880,31 +3887,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3912,7 +3919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3921,17 +3928,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3939,36 +3946,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3976,7 +3983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3984,7 +3991,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3992,24 +3999,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4017,31 +4024,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4049,7 +4056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4058,12 +4065,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4073,24 +4080,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "käyttäjänimi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4099,19 +4106,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4121,89 +4128,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_server_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_op_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4211,17 +4218,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4230,14 +4237,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_server_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_server_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4245,7 +4252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4253,38 +4260,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 #, fuzzy #| msgid "Default: True" msgid "Default: TRUE" msgstr "Oletus:tosi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "dns_resolver_op_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "dns_resolver_op_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4292,59 +4299,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 30" msgid "Default: 31" msgstr "Oletus: 30" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "epätosi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4352,31 +4359,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4384,124 +4391,124 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "ldap_purge_cache_timeout" msgid "ldap_search_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "client_idle_timeout" msgid "ldap_network_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "ldap_purge_cache_timeout" msgid "ldap_opt_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "client_idle_timeout" msgid "ldap_offline_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "client_idle_timeout" msgid "ldap_enumeration_refresh_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 #, fuzzy #| msgid "ldap_purge_cache_timeout" msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "client_idle_timeout" msgid "ldap_enumeration_search_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "client_idle_timeout" msgid "ldap_connection_expire_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "client_idle_timeout" msgid "ldap_connection_expire_offset" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 #, fuzzy #| msgid "client_idle_timeout" msgid "ldap_connection_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4511,27 +4518,27 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4541,34 +4548,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4577,19 +4584,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4597,14 +4604,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "ldap_user_principal" msgid "local_auth_policy (string)" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4616,7 +4623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4628,7 +4635,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4636,46 +4643,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "ldap_user_principal" msgid "local_auth_policy = match (default)" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 #, fuzzy #| msgid "enabled" msgid "disabled" msgstr "käytössä" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4684,7 +4691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4695,7 +4702,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4703,38 +4710,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: true" msgid "Default: match" msgstr "Oletus:tosi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "tosi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4743,24 +4750,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "epätosi" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4770,14 +4777,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4785,21 +4792,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4807,7 +4814,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4816,7 +4823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4825,7 +4832,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4833,17 +4840,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4851,12 +4858,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4864,12 +4871,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4877,12 +4884,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4891,12 +4898,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4904,19 +4911,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4933,7 +4940,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4941,17 +4948,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4960,7 +4967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4970,7 +4977,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4990,12 +4997,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5006,69 +5013,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5081,7 +5088,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5089,7 +5096,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5098,55 +5105,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5155,17 +5163,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5173,26 +5181,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5201,17 +5209,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5221,7 +5229,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5230,59 +5238,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5291,7 +5299,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5300,7 +5308,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5311,17 +5319,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5329,46 +5337,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5377,7 +5385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5385,12 +5393,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5419,7 +5427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5428,7 +5436,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5436,7 +5444,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5447,7 +5455,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5458,7 +5466,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5728,8 +5736,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5738,74 +5755,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "salasana" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5814,24 +5831,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5839,7 +5856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5848,12 +5865,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5861,7 +5878,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5871,7 +5888,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5881,67 +5898,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5949,7 +5966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5957,12 +5974,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5970,12 +5987,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5986,12 +6003,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6000,12 +6017,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6014,7 +6031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6025,38 +6042,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "ad_gpo_cache_timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "ad_gpo_cache_timeout (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6064,29 +6081,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6094,14 +6111,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6109,17 +6126,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6129,12 +6146,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6142,17 +6159,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6160,12 +6177,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6173,7 +6190,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6184,7 +6201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6193,7 +6210,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6201,12 +6218,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6214,7 +6231,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6222,26 +6239,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6249,7 +6266,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6257,7 +6274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6265,41 +6282,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6309,32 +6326,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6342,12 +6359,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6355,12 +6372,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6368,17 +6385,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6389,24 +6406,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6417,12 +6434,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6435,7 +6452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6447,17 +6464,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6465,49 +6482,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Oletus: epätosi;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6515,28 +6532,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6548,7 +6565,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6556,7 +6573,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6564,39 +6581,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6606,7 +6623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6614,26 +6631,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6642,7 +6659,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6650,31 +6667,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6687,51 +6704,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6740,12 +6757,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6761,12 +6778,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Esimerkki:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6775,14 +6792,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6791,24 +6808,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6816,19 +6833,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6837,7 +6854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6845,7 +6862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6854,7 +6871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6862,22 +6879,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6887,14 +6904,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6907,12 +6924,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6922,31 +6939,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6954,50 +6971,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7006,74 +7023,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7084,7 +7101,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7092,58 +7109,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "ldap_library_debug_level (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7151,14 +7168,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_library_debug_level (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_library_debug_level (integeri)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7181,12 +7198,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7194,43 +7211,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7238,14 +7255,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7255,19 +7272,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7275,7 +7292,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7283,106 +7300,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7391,59 +7408,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7452,22 +7469,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7476,14 +7493,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7491,7 +7508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7504,27 +7521,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7540,13 +7557,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9785,7 +9802,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9800,7 +9817,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9815,12 +9832,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9841,12 +9858,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9870,17 +9887,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9888,17 +9905,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9906,7 +9923,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9933,7 +9950,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9946,12 +9963,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9965,7 +9982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9977,60 +9994,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10038,177 +10072,237 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: not set (use of authentication indicators is not required)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "Oletus: ei asetettu(todennusindikaattoreiden käyttöä ei vaadita)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "ldap_user_principal" +msgid "dyndns_dot_key (string)" +msgstr "ldap_user_principal" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10216,34 +10310,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10251,12 +10345,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10264,33 +10358,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10298,59 +10392,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10358,128 +10452,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10489,19 +10583,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10509,7 +10603,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10521,12 +10615,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10534,7 +10628,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10544,80 +10638,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10631,7 +10725,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10639,7 +10733,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11765,6 +11859,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11775,7 +11874,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11790,7 +11889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11802,7 +11901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11813,19 +11912,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11835,7 +11934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11843,7 +11942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11858,7 +11957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11867,7 +11966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11875,7 +11974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11885,7 +11984,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17446,7 +17545,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17591,7 +17690,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/fr.po b/src/man/po/fr.po index bc8116a97f4..28f97ebadfd 100644 --- a/src/man/po/fr.po +++ b/src/man/po/fr.po @@ -17,7 +17,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2020-07-22 07:49-0400\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: French (http://www.transifex.com/projects/p/sssd/language/" @@ -151,19 +151,19 @@ msgstr "" #| "<filename>sssd.conf</filename> must be a regular file, owned by root and " #| "only root may read from or write to the file." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> doit être un fichier normal, appartenant à " "root, et seul root doit pouvoir écrire et lire ce fichier." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -171,7 +171,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -180,7 +180,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -193,41 +193,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "OPTIONS GÉNÉRALES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" "Les options qui suivent peuvent être utilisées dans plus d'une section de " "configuration." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "Options utilisables dans toutes les sections" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -236,12 +236,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." @@ -250,23 +250,23 @@ msgstr "" "la journalisation de débogage de SSSD, cette option sera ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Par défaut : true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." @@ -276,29 +276,29 @@ msgstr "" "sera ignorée." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Par défaut : false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 #, fuzzy #| msgid "debug_microseconds (bool)" msgid "debug_backtrace_enabled (bool)" msgstr "debug_microseconds (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -308,15 +308,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -328,17 +328,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Options utilisables dans les sections SERVICE et DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -346,33 +346,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Par défaut : 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "SECTIONS SPÉCIALES" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "La section [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Paramètres de sections" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -381,7 +381,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 #, fuzzy #| msgid "" #| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</" @@ -402,7 +402,7 @@ msgstr "" "condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -410,12 +410,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domaines" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -426,12 +426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." @@ -440,7 +440,7 @@ msgstr "" "contenant le nom d'utilisateur et de domaine dans ces composants." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -448,12 +448,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -465,33 +465,33 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "nom d'utilisateur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" "nom de domaine tel qu'indiqué dans le fichier de configuration de SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -501,7 +501,7 @@ msgstr "" "d'approbation IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -510,31 +510,31 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -542,7 +542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -552,7 +552,7 @@ msgstr "" "conseillée. Dans ces rares cas, cette option devrait être définie à « false »" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -561,7 +561,7 @@ msgstr "" "sur les autres plates-formes." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -571,12 +571,12 @@ msgstr "" "utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -585,7 +585,7 @@ msgstr "" "de rejeu Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -595,7 +595,7 @@ msgstr "" "relecture." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -604,12 +604,12 @@ msgstr "" "la construction du logiciel. (__LIBKRB5_DEFAULTS__ si non configuré)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "user (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -617,14 +617,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -634,17 +634,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "Par défaut : non défini, le processus tourne en tant que root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -660,7 +667,7 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -673,8 +680,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -682,12 +689,12 @@ msgid "Default: not set" msgstr "Par défaut : non défini" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "override_space (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -703,7 +710,7 @@ msgstr "" "défaut de l'interpréteur de commande." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -712,22 +719,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "Par défaut : non défini (les espaces ne seront pas remplacées)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -735,12 +742,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -748,61 +755,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -810,12 +817,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -823,24 +830,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 #, fuzzy #| msgid "" #| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " @@ -857,12 +864,12 @@ msgstr "" "manvolnum></citerefentry> pour plus de détails." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -871,7 +878,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -879,58 +886,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -941,7 +948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -959,20 +966,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "Par défaut : non défini" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 #, fuzzy #| msgid "ipa_server_mode (boolean)" msgid "implicit_pac_responder (boolean)" msgstr "ipa_server_mode (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -980,14 +987,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 #, fuzzy #| msgid "ad_enable_gc (boolean)" msgid "core_dumpable (boolean)" msgstr "ad_enable_gc (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -995,28 +1002,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "ldap_user_certificate (string)" msgid "passkey_verification (string)" msgstr "ldap_user_certificate (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "ldap_user_certificate (string)" msgid "user_verification (boolean)" msgstr "ldap_user_certificate (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -1024,7 +1031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -1038,7 +1045,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1055,12 +1062,12 @@ msgstr "" "l'identité des domaines. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "SECTIONS DE SERVICES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1073,22 +1080,22 @@ msgstr "" "section doit être <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Options générales de configuration de service" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Ces options peuvent être utilisées pour configurer les services." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1103,17 +1110,17 @@ msgstr "" "valeur inférieure ou la limite « hard » de limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Par défault : 8192 (ou la limite « hard » de limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1123,19 +1130,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 300" msgid "Default: 60, KCM: 300" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1146,14 +1153,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1161,46 +1168,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Par défaut : 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "offline_timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "offline_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1209,66 +1216,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 300" msgid "Default: 3600" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "offline_timeout + random_offset" msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 #, fuzzy #| msgid "offline_timeout + random_offset" msgid "[0 - offline_timeout_random_offset]" msgstr "offline_timeout + random_offset" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 300" msgid "Default: 30" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1280,30 +1287,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Par défaut : 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "Options de configuration NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1311,12 +1318,12 @@ msgstr "" "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1325,17 +1332,17 @@ msgstr "" "énumérations (requêtes sur les informations de tous les utilisateurs)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Par défaut : 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1346,7 +1353,7 @@ msgstr "" "valeur de entry_cache_timeout pour le domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1362,7 +1369,7 @@ msgstr "" "cache." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1375,17 +1382,17 @@ msgstr "" "de non réponse à moins de 10 secondes (0 pour désactiver l'option)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Par défaut : 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1397,17 +1404,17 @@ msgstr "" "appel au moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Par défaut : 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1415,17 +1422,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1434,7 +1441,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1443,17 +1450,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Par défaut : root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1461,12 +1468,12 @@ msgstr "" "membres de groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1475,7 +1482,7 @@ msgstr "" "explicitement spécifié par le fournisseur de données du domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1483,7 +1490,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1493,25 +1500,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Par défaut : non défini (aucune substitution pour les répertoires d'accueil " "non définis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1523,17 +1530,17 @@ msgstr "" "section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "Par défaut : indéfini (SSSD utilisera la valeur récupérée de LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1541,24 +1548,24 @@ msgstr "" "indiquées. L'ordre d'évaluation est :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Si l'interpréteur de commandes est présent dans <quote>/etc/shells</" "quote>, il est utilisé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" "2. Si l'interpréteur de commandes est dans la liste « allowed_shells » mais " -"n'est pas dans <quote>/etc/shells</quote>, la valeur de repli de « " -"shell_fallback » sera utilisée." +"n'est pas dans <quote>/etc/shells</quote>, la valeur de repli de " +"« shell_fallback » sera utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1567,12 +1574,12 @@ msgstr "" "ni dans <quote>/etc/shells</quote>, une connexion sans shell est utilisée." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1580,14 +1587,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" "Une chaîne vide pour l'interpréteur de commandes est passée telle quelle est " "à la libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1597,31 +1604,31 @@ msgstr "" "est installé." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Par défaut : non défini. L'interpréteur de commandes de l'utilisateur est " "utilisé automatiquement." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" "Remplace toutes les occurences de ces interpréteurs de commandes par " "l'interpréteur de commandes par défaut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1629,17 +1636,17 @@ msgstr "" "commandes autorisé n'est pas installé sur la machine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Par défaut : /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1649,7 +1656,7 @@ msgstr "" "choix soit dans la section [nss], soit par domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1659,12 +1666,12 @@ msgstr "" "nécessaire, habituellement /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (int)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1673,43 +1680,43 @@ msgstr "" "jugée valide." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_timeout (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_passwd (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1717,27 +1724,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "Par défaut : 8" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_group (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1745,21 +1752,21 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Par défaut : 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_initgroups (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1767,14 +1774,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "enum_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1783,12 +1790,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "user_attributes (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1799,38 +1806,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "Par défaut : non défini, repli sur l'option InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>permit</quote>" msgid "Default: <quote>*</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 #, fuzzy #| msgid "This option can also be set per-domain." msgid "" @@ -1839,7 +1846,7 @@ msgid "" msgstr "Cette option peut aussi être définie pour chaque domaine." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1848,12 +1855,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "Options de configuration de PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1862,12 +1869,12 @@ msgstr "" "Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1877,17 +1884,17 @@ msgstr "" "connexion réussie)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Par défaut : 0 (pas de limite)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1896,12 +1903,12 @@ msgstr "" "échouées sont autorisées." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1911,7 +1918,7 @@ msgstr "" "soit possible." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1922,17 +1929,17 @@ msgstr "" "connexion réussie en ligne peut réactiver l'authentification." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Par défaut : 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1942,46 +1949,46 @@ msgstr "" "affichés sera important." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "Actuellement sssd supporte les valeurs suivantes :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis> : ne pas afficher de message" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis> : afficher seulement les messages importants" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis> : afficher les messages d'information" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis> : afficher tous les messages et informations de " "débogage" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Par défaut : 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "ad_access_filter (string)" msgid "pam_response_filter (string)" msgstr "ad_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1990,51 +1997,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -2045,23 +2052,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2073,7 +2080,7 @@ msgstr "" "les dernières informations." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2087,17 +2094,17 @@ msgstr "" "fournisseur d'identité." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "Afficher une alerte N jours avant l'expiration du mot de passe." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2108,7 +2115,7 @@ msgstr "" "ne peut afficher de message d'alerte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2118,7 +2125,7 @@ msgstr "" "sera automatiquement affiché." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2127,18 +2134,18 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> pour un domaine particulier." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Par défaut : 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2148,37 +2155,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "pam_public_domains (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Deux valeurs spéciales pour l'option pam_public_domains sont définies :" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -2186,7 +2193,7 @@ msgstr "" "à tous les domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2195,33 +2202,33 @@ msgstr "" "autorisés à accéder à un des domaines PAM dans le répondeur.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Par défaut : aucun" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2229,19 +2236,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2249,48 +2256,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 #, fuzzy #| msgid "ldap_chpass_update_last_change (bool)" msgid "pam_passkey_auth (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Par défaut : True" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Par défaut : False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2298,36 +2305,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "ldap_user_certificate (string)" msgid "pam_cert_verification (string)" msgstr "ldap_user_certificate (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2337,7 +2344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, fuzzy, no-wrap #| msgid "" #| "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -2350,63 +2357,63 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "ad_gpo_map_service (string)" msgid "pam_p11_allowed_services (string)" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2414,7 +2421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2426,63 +2433,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2490,12 +2497,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2506,7 +2513,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2514,7 +2521,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2522,7 +2529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2531,47 +2538,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2580,19 +2587,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 #, fuzzy #| msgid "ad_gpo_map_service (string)" msgid "pam_gssapi_services" msgstr "ad_gpo_map_service (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 #, fuzzy #| msgid "Comma separated list of users who are allowed to log in." msgid "" @@ -2602,13 +2609,13 @@ msgstr "" "Liste séparée par des virgules d'utilisateurs autorisés à se connecter." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2616,7 +2623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, fuzzy, no-wrap #| msgid "" #| "fallback_homedir = /home/%u\n" @@ -2629,22 +2636,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exemple : <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2652,19 +2659,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2672,7 +2679,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2687,7 +2694,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2695,45 +2702,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2741,7 +2748,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2749,7 +2756,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 #, fuzzy #| msgid "Default: not set (no substitution for unset home directories)" msgid "Default: not set (use of authentication indicators is not required)" @@ -2758,12 +2765,12 @@ msgstr "" "non définis)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "Options de configuration de SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2780,12 +2787,12 @@ msgstr "" "sudo</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (booléen)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2794,12 +2801,12 @@ msgstr "" "les entrées sudoers sensibles au temps." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2809,22 +2816,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "Options de configuration AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "Ces options peuvent être utilisées pour configurer le service autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2836,23 +2843,23 @@ msgstr "" "moteur." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "Options de configuration SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le service SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -2860,12 +2867,12 @@ msgstr "" "Condenser ou non les noms de systèmes et adresses du fichier known_hosts" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -2874,17 +2881,17 @@ msgstr "" "known_hosts géré après que ses clés de système ont été demandés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "Par défaut : 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2893,12 +2900,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2908,7 +2915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2916,7 +2923,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2925,38 +2932,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "Options de configuration du répondeur PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2967,7 +2974,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2978,7 +2985,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -2987,19 +2994,19 @@ msgstr "" "ajouté à ces groupes." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" "Les options suivantes peuvent être utilisées pour configurer le répondeur " "PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -3010,7 +3017,7 @@ msgstr "" "seront résolus en UID au démarrage." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 #, fuzzy #| msgid "" #| "Default: 0 (only the root user is allowed to access the PAC responder)" @@ -3022,14 +3029,14 @@ msgstr "" "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Par défaut : 0 (seul l'utilisateur root est autorisé à accéder au répondeur " "PAC)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 #, fuzzy #| msgid "" #| "Please note that although the UID 0 is used as the default it will be " @@ -3048,7 +3055,7 @@ msgstr "" "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -3061,26 +3068,26 @@ msgstr "" "0 à la liste des UID d'utilisateurs autorisés." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "ldap_schema (string)" msgid "pac_check (string)" msgstr "ldap_schema (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -3091,24 +3098,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -3116,24 +3123,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -3145,7 +3152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3156,41 +3163,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -3203,19 +3210,19 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3225,66 +3232,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3292,17 +3299,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3310,7 +3317,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3319,65 +3326,65 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "simple_deny_users (string)" msgid "exclude_users (string)" msgstr "simple_deny_users (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No users excluded." msgstr "Par défaut : vide, ldap_uri est donc utilisé." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "simple_deny_groups (string)" msgid "exclude_groups (string)" msgstr "simple_deny_groups (chaîne)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No groups excluded." msgstr "Par défaut : vide, ldap_uri est donc utilisé." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "SECTIONS DOMAINES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3387,12 +3394,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3401,14 +3408,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3417,31 +3424,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3450,7 +3457,7 @@ msgstr "" "dehors de ces limites, elle est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3463,7 +3470,7 @@ msgstr "" "qui sont dans la plage seront rapportés comme prévu." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3472,17 +3479,17 @@ msgstr "" "pas seulement leur recherche par nom ou identifiant." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Default: 1 for min_id, 0 (no limit) for max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3491,36 +3498,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = utilisateurs et groupes sont énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = aucune énumération pour ce domaine" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Par défaut : FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3534,7 +3541,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3544,7 +3551,7 @@ msgstr "" "l'énumération ne se termine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3558,7 +3565,7 @@ msgstr "" "fournisseur d'identité spécifique utilisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -3567,7 +3574,7 @@ msgstr "" "déconseillée, surtout dans les environnements de grande taille." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3575,32 +3582,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "Tous les domaines approuvés découverts seront énumérés" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "Aucun domaine approuvé découvert ne sera énuméré" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3614,12 +3621,12 @@ msgstr "" "activer l'énumération pour ces seuls domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3628,7 +3635,7 @@ msgstr "" "comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3646,17 +3653,17 @@ msgstr "" "rafraîchissement des entrées qui sont déjà en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Par défaut : 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3665,19 +3672,19 @@ msgstr "" "d'utilisateurs comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "Par défaut : entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3686,12 +3693,12 @@ msgstr "" "groupes comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3700,12 +3707,12 @@ msgstr "" "netgroup comme valides avant de les redemander au moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3714,24 +3721,24 @@ msgstr "" "service valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -3740,12 +3747,12 @@ msgstr "" "valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -3754,12 +3761,12 @@ msgstr "" "cartes d'automontage comme valides avant de les redemander au moteur" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3768,24 +3775,24 @@ msgstr "" "rafraichissement. I.e. combien de temps mettre la clé en cache." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -3795,7 +3802,7 @@ msgstr "" "enregistrements expirés ou sur le point de l'être." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3804,18 +3811,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Il est envisageable de configurer cette valeur à 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3827,18 +3834,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3849,7 +3856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3858,12 +3865,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3871,19 +3878,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3896,17 +3903,17 @@ msgstr "" "paramètre doit être supérieur ou égal à offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Par défaut : 0 (illimité)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3919,17 +3926,17 @@ msgstr "" "fournisseur oauth doit être configuré pour le moteur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Par défaut : 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3937,12 +3944,12 @@ msgstr "" "d'identification pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3950,7 +3957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3962,8 +3969,8 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 #, fuzzy #| msgid "" #| "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " @@ -3981,8 +3988,8 @@ msgstr "" "configuration de FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3994,12 +4001,12 @@ msgstr "" "d'Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -4009,7 +4016,7 @@ msgstr "" "communiqué à NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -4023,7 +4030,7 @@ msgstr "" "trouve." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -4035,24 +4042,24 @@ msgstr "" "qualifié sera demandé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "Ne pas envoyer les membres des groupes sur les recherches de groupes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -4064,7 +4071,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -4072,23 +4079,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -4097,7 +4104,7 @@ msgstr "" "pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4109,7 +4116,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4120,7 +4127,7 @@ msgstr "" "citerefentry> pour plus d'informations sur la configuration de Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -4128,12 +4135,12 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> désactive l'authentification explicitement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -4142,12 +4149,12 @@ msgstr "" "gérer les requêtes d'authentification." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -4158,7 +4165,7 @@ msgstr "" "installés). Les fournisseurs internes spécifiques sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -4167,12 +4174,12 @@ msgstr "" "d'accès autorisé pour un domaine local." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> toujours refuser les accès." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4185,7 +4192,7 @@ msgstr "" "d'informations sur la configuration du module d'accès simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4193,22 +4200,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "Par défaut : <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4217,7 +4224,7 @@ msgstr "" "domaine. Les fournisseurs pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4225,7 +4232,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4237,7 +4244,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -4245,14 +4252,14 @@ msgstr "" "autre cible PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" "<quote>none</quote> pour désactiver explicitement le changement de mot de " "passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4261,19 +4268,19 @@ msgstr "" "peut gérer les changements de mot de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Le fournisseur SUDO, utilisé pour le domaine. Les fournisseurs SUDO pris en " "charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4285,7 +4292,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -4294,7 +4301,7 @@ msgstr "" "par défaut pour IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -4303,20 +4310,20 @@ msgstr "" "par défaut pour AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> désactive explicitement SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Par défaut : La valeur de <quote>id_provider</quote> est utilisée si elle " "est définie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4327,7 +4334,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4336,12 +4343,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4352,7 +4359,7 @@ msgstr "" "fournisseur d'accès. Les fournisseurs selinux pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4364,14 +4371,14 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> n'autorise pas la récupération explicite des paramètres " "selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -4380,12 +4387,12 @@ msgstr "" "gérer le chargement selinux" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -4395,7 +4402,7 @@ msgstr "" "fournisseurs de sous-domaine pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4407,7 +4414,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4416,18 +4423,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" "<quote>none</quote> désactive la récupération explicite des sous-domaines." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4435,30 +4442,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4466,7 +4473,7 @@ msgstr "" "en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4478,7 +4485,7 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4490,7 +4497,7 @@ msgstr "" "IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4498,17 +4505,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> désactive explicitement autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4517,7 +4524,7 @@ msgstr "" "systèmes. Les fournisseurs de hostid pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4529,31 +4536,31 @@ msgstr "" "configuration de IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> désactive explicitement hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4561,7 +4568,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4570,12 +4577,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4591,7 +4598,7 @@ msgstr "" "domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 #, fuzzy #| msgid "" #| "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" @@ -4608,17 +4615,17 @@ msgstr "" "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 #, fuzzy #| msgid "" #| "Default for the AD and IPA provider: <quote>(((?P<domain>[^\\\\]+)\\" @@ -4637,12 +4644,12 @@ msgstr "" "styles différents pour les noms d'utilisateurs :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -4652,7 +4659,7 @@ msgstr "" "utilisateurs de domaines Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4662,17 +4669,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Par défaut : <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4681,82 +4688,82 @@ msgstr "" "utiliser pour effectuer les requêtes DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "Valeurs prises en charge :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first : essayer de chercher une adresse IPv4, et en cas d'échec, " "essayer IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first : essayer de chercher une adresse IPv6, et en cas d'échec, tenter " "IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only : ne tenter de résoudre les noms de systèmes qu'en adresses IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "Par défaut : ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "Par défaut : 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4764,17 +4771,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Par défaut : 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4783,14 +4790,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4798,7 +4805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4806,17 +4813,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Par défaut : TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4825,21 +4832,21 @@ msgstr "" "du domaine faisant partie de la requête DNS de découverte de services." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Par défaut : utiliser la partie du domaine qui est dans le nom de système de " "la machine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "pam_id_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4847,59 +4854,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Par défaut : 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "Redéfinit le GID primaire avec la valeur spécifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "case_sensitive (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4911,14 +4918,14 @@ msgstr "" "sortie." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -4931,17 +4938,17 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "Par défaut : true (false pour le fournisseur AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4949,130 +4956,130 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "ldap_search_timeout (integer)" msgid "ldap_search_timeout" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "ldap_network_timeout (integer)" msgid "ldap_network_timeout" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_offline_timeout" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 #, fuzzy #| msgid "ldap_purge_cache_timeout" msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 #, fuzzy #| msgid "ldap_krb5_ticket_lifetime (integer)" msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "ldap_enumeration_search_timeout (integer)" msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 #, fuzzy #| msgid "Case insensitive." msgid "case_sensitive" msgstr "Insensible à la casse." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -5082,27 +5089,27 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "nom plat (NetBIOS) d'un sous-domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -5118,7 +5125,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -5126,17 +5133,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Par défaut : <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -5144,12 +5151,12 @@ msgstr "" "ce domaine." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -5158,19 +5165,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -5178,14 +5185,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -5197,7 +5204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -5209,7 +5216,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -5217,44 +5224,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy = match (default)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5263,7 +5270,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5274,7 +5281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -5282,38 +5289,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: cn" msgid "Default: match" msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5322,24 +5329,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5349,14 +5356,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5364,21 +5371,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5386,7 +5393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5395,7 +5402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5404,7 +5411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -5416,17 +5423,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "Le proxy cible duquel PAM devient mandataire." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 #, fuzzy #| msgid "" #| "Default: not set by default, you have to take an existing pam " @@ -5440,12 +5447,12 @@ msgstr "" "ou en créer une nouvelle et ajouter le nom de service ici." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -5456,12 +5463,12 @@ msgstr "" "_nss_$(libName)_$(function), par exemple _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -5469,12 +5476,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -5488,12 +5495,12 @@ msgstr "" "afin d'améliorer les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -5501,7 +5508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -5510,12 +5517,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -5532,7 +5539,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -5540,17 +5547,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -5559,7 +5566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -5569,7 +5576,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -5589,12 +5596,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5605,69 +5612,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5680,7 +5687,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5688,7 +5695,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5697,55 +5704,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5754,17 +5762,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5772,26 +5780,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5800,17 +5808,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5820,7 +5828,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5829,59 +5837,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5890,7 +5898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5899,7 +5907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5910,17 +5918,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5928,39 +5936,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -5973,7 +5981,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5982,7 +5990,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5990,12 +5998,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, fuzzy, no-wrap #| msgid "" #| "[sssd]\n" @@ -6073,7 +6081,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -6082,7 +6090,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -6090,7 +6098,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -6101,7 +6109,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -6112,7 +6120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -6451,8 +6459,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -6461,76 +6478,76 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Le DN de connexion par défaut à utiliser pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" "Le type de jeton d'authentification pour le DN de connexion par défaut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "Les deux mécanismes actuellement pris en charge sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "Par défaut : password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6543,12 +6560,12 @@ msgstr "" "utiliser un nom de domaine en majuscules." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -6557,12 +6574,12 @@ msgstr "" "d'actualiser son cache d\"énumération d'enregistrements." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6573,7 +6590,7 @@ msgstr "" "jamais connectés) et de suppression pour économiser de l'espace." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6582,12 +6599,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6599,7 +6616,7 @@ msgstr "" "schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6609,7 +6626,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6619,12 +6636,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "Par défaut : 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -6634,25 +6651,25 @@ msgstr "" "2008 et versions ultérieures." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour héberger " "des objets." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -6661,32 +6678,32 @@ msgstr "" "configuration des bases de recherche multiples." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Par défaut : la valeur de <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6697,7 +6714,7 @@ msgstr "" "activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6708,12 +6725,12 @@ msgstr "" "différents types de recherches." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6724,12 +6741,12 @@ msgstr "" "résultats mis en cache (et activation du mode hors ligne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6746,12 +6763,12 @@ msgstr "" "citerefentry> rendent la main en cas d'inactivité." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6760,12 +6777,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6778,7 +6795,7 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6789,38 +6806,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "Par défaut : 900 (15 minutes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_expire_timeout (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 #, fuzzy #| msgid "" #| "Specifies a timeout (in seconds) that a connection to an LDAP server will " @@ -6838,17 +6855,17 @@ msgstr "" "courte des deux valeurs entre celle-ci et la durée de vie TGT sera utilisée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6857,12 +6874,12 @@ msgstr "" "Certains serveurs LDAP imposent une limite maximale par requête." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6874,7 +6891,7 @@ msgstr "" "correctement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6884,7 +6901,7 @@ msgstr "" "sera impossible de l'utiliser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6895,17 +6912,17 @@ msgstr "" "cela peut entraîner l'échec de certaines demandes." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "Désactiver la récupération de plage Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6921,12 +6938,12 @@ msgstr "" "apparaissant ainsi sans aucun membre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6937,19 +6954,19 @@ msgstr "" "de cette option sont définies par OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Par défaut : Utiliser la valeur par défaut du système (généralement spécifié " "par ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6957,12 +6974,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6973,7 +6990,7 @@ msgstr "" "membres manquants est inférieur, ils sont recherchés individuellement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6984,7 +7001,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6997,7 +7014,7 @@ msgstr "" "acceptés sont 389/RHDS, OpenLDAP et Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -7008,12 +7025,12 @@ msgstr "" "déréférencement est désactivée indépendamment de ce paramètre." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -7021,7 +7038,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -7029,12 +7046,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -7043,7 +7060,7 @@ msgstr "" "session TLS, si elle existe. Une des valeurs suivantes est utilisable :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -7052,7 +7069,7 @@ msgstr "" "quelconque certificat du serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7063,7 +7080,7 @@ msgstr "" "certificat est fourni, il est ignoré et la session continue normalement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7074,7 +7091,7 @@ msgstr "" "certificat est fourni, la session se termine immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -7085,22 +7102,22 @@ msgstr "" "immédiatement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> : identique à <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "Par défaut : hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -7109,7 +7126,7 @@ msgstr "" "certification que <command>sssd</command> reconnaîtra." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -7118,12 +7135,12 @@ msgstr "" "<filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -7145,32 +7162,32 @@ msgstr "" "corrects." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Définit le fichier qui contient le certificat pour la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "Définit le fichier qui contient la clef du client." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7178,12 +7195,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 #, fuzzy #| msgid "" #| "Specifies that the id_provider connection must also use <systemitem " @@ -7198,12 +7215,12 @@ msgstr "" "canal." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7215,19 +7232,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "Cette fonctionnalité ne prend actuellement en charge que la correspondance " "par objectSID avec Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7247,24 +7264,24 @@ msgstr "" "identifiants." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "Par défaut : non indiqué (les deux options sont à 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -7275,12 +7292,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -7293,7 +7310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -7305,17 +7322,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "Par défaut : host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -7326,17 +7343,17 @@ msgstr "" "domaine, cette option est ignorée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "Par défaut : la valeur de krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -7345,34 +7362,34 @@ msgstr "" "le nom de l'hôte au cours d'une liaison SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Défaut : false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Par défaut : le fichier keytab du système, normalement <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -7380,28 +7397,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Par défaut : 86400 (24 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7421,7 +7438,7 @@ msgstr "" "<quote>DÉCOUVERTE DE SERVICES</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7432,7 +7449,7 @@ msgstr "" "comme protocole, et passe sur _tcp si aucune entrée n'est trouvée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7444,29 +7461,29 @@ msgstr "" "l'utilisation de <quote>krb5_server</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Par défaut : valeur par défaut du système, voir <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7476,12 +7493,12 @@ msgstr "" "Kerberos > = 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7496,7 +7513,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7508,12 +7525,12 @@ msgstr "" "localisation." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7522,7 +7539,7 @@ msgstr "" "valeurs suivantes sont acceptées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7531,7 +7548,7 @@ msgstr "" "peut pas désactiver la politique sur les mots de passe du côté serveur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 #, fuzzy #| msgid "" #| "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" @@ -7548,7 +7565,7 @@ msgstr "" "manvolnum></citerefentry> pour évaluer si le mot de passe a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7560,7 +7577,7 @@ msgstr "" "est changé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -7569,17 +7586,17 @@ msgstr "" "côté serveur, elle prend le pas sur la politique indiquée avec cette option." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Définit si le déréférencement automatique doit être activé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7588,7 +7605,7 @@ msgstr "" "compilé avec OpenLDAP version 2.4.13 ou supérieur." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 #, fuzzy #| msgid "" #| "Chasing referrals may incur a performance penalty in environments that " @@ -7612,29 +7629,29 @@ msgstr "" "permettre d'améliorer de façon notable les performances." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Définit le nom de service à utiliser quand la découverte de services est " "activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "Par défaut : ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7643,19 +7660,19 @@ msgstr "" "un changement de mot de passe quand la découverte de services est activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" "Par défaut : non défini, c'est-à-dire que le service de découverte est " "désactivé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -7665,7 +7682,7 @@ msgstr "" "de passe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -7674,12 +7691,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7695,12 +7712,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Exemple :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7712,7 +7729,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -7721,7 +7738,7 @@ msgstr "" "dont l'attribut employeeType est « admin »." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7730,17 +7747,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "Par défaut : vide" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7749,7 +7766,7 @@ msgstr "" "être activée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7761,12 +7778,12 @@ msgstr "" "correct." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "Les valeurs suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7775,7 +7792,7 @@ msgstr "" "pour déterminer si le compte a expiré." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7788,7 +7805,7 @@ msgstr "" "d'expiration du compte est aussi vérifiée." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7799,7 +7816,7 @@ msgstr "" "l'accès est autorisé ou non." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7812,7 +7829,7 @@ msgstr "" "est autorisé. Si les deux attributs sont manquants, l'accès est autorisé." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7823,24 +7840,24 @@ msgstr "" "ldap_account_expire_policy de fonctionner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Liste séparées par des virgules des options de contrôles d'accès. Les " "valeurs autorisées sont :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis> : utiliser ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7850,14 +7867,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7870,12 +7887,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7885,31 +7902,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -7917,7 +7934,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7926,32 +7943,32 @@ msgstr "" "authorizedService pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis> : utilise l'attribut host pour déterminer l'accès" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Par défaut : filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -7960,12 +7977,12 @@ msgstr "" "de configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7974,22 +7991,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exemple : cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7998,12 +8015,12 @@ msgstr "" "recherche. Les options suivantes sont autorisées :" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis> : les alias ne sont jamais déréférencés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -8013,7 +8030,7 @@ msgstr "" "recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -8022,7 +8039,7 @@ msgstr "" "la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -8031,7 +8048,7 @@ msgstr "" "recherche et et la localisation de l'objet de base de la recherche." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -8040,12 +8057,12 @@ msgstr "" "bibliothèques clientes LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -8054,7 +8071,7 @@ msgstr "" "LDAP pour les serveurs qui utilisent le schéma RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -8072,7 +8089,7 @@ msgstr "" "initgoups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -8083,64 +8100,64 @@ msgstr "" "ajoutent les utilisateurs locaux aux groupes LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "debug_level (integer)" msgid "ldap_library_debug_level (integer)" msgstr "debug_level (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 #, fuzzy #| msgid "Default: 0 (disabled)" msgid "Default: 0 (libldap debugging disabled)" msgstr "Par défaut : 0 (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "ldap_id_mapping (boolean)" msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -8148,14 +8165,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -8178,12 +8195,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "OPTIONS DE SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -8191,12 +8208,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -8206,7 +8223,7 @@ msgstr "" "règles qui sont stockées sur le serveur)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -8215,24 +8232,24 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "Par défaut : 21600 (6 heures)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -8240,7 +8257,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -8249,7 +8266,7 @@ msgstr "" "modifyTimestamp est utilisé à la place." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -8259,21 +8276,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_idmap_range_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -8281,7 +8298,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -8289,17 +8306,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -8309,12 +8326,12 @@ msgstr "" "noms de systèmes)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -8323,7 +8340,7 @@ msgstr "" "doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -8332,8 +8349,8 @@ msgstr "" "nom de système et le nom de domaine pleinement qualifié." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -8342,17 +8359,17 @@ msgstr "" "emphasis>, alors cette option n'a aucun effet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "Par défaut : non spécifié" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -8361,7 +8378,7 @@ msgstr "" "IPv6 qui doivent être utilisés pour filtrer les règles." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -8370,12 +8387,12 @@ msgstr "" "automatiquement." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -8384,12 +8401,12 @@ msgstr "" "netgroup dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -8398,14 +8415,14 @@ msgstr "" "un joker dans l'attribut sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -8418,59 +8435,59 @@ msgstr "" "manvolnum></citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "OPTIONS AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "Le nom de la table de montage automatique maîtresse dans LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "Par défaut : auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "OPTIONS AVANCÉES" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (chaînes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8479,22 +8496,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8503,14 +8520,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "EXEMPLE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8521,7 +8538,7 @@ msgstr "" "replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8541,27 +8558,27 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8587,13 +8604,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9573,8 +9590,8 @@ msgstr "sssd-simple" #: sssd-simple.5.xml:17 msgid "the configuration file for SSSD's 'simple' access-control provider" msgstr "" -"le fichier de configuration pour le fournisseur de contrôle d'accès « " -"simple » de SSSD." +"le fichier de configuration pour le fournisseur de contrôle d'accès " +"« simple » de SSSD." #. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:24 @@ -10959,7 +10976,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (booléen)" @@ -10974,7 +10991,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10996,12 +11013,12 @@ msgstr "" "configuration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -11028,12 +11045,12 @@ msgid "Default: 1200 (seconds)" msgstr "Par défaut : 1200 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -11061,17 +11078,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -11079,19 +11096,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 #, fuzzy #| msgid "dyndns_iface (string)" msgid "dyndns_auth_ptr (string)" msgstr "dyndns_iface (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -11099,7 +11116,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -11134,7 +11151,7 @@ msgstr "" "seront utilisés comme serveurs de repli" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (entier)" @@ -11151,12 +11168,12 @@ msgstr "" "configurée à true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -11176,7 +11193,7 @@ msgstr "" "quand les enregistrements directs sont modifiés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -11188,12 +11205,12 @@ msgid "Default: False (disabled)" msgstr "Par défaut : False (désactivé)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -11202,48 +11219,65 @@ msgstr "" "communication avec le serveur DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Par défaut : False (laisser nsupdate choisir le protocole)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -11251,52 +11285,118 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: not set (no substitution for unset home directories)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "" +"Par défaut : non défini (aucune substitution pour les répertoires d'accueil " +"non définis)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_iface (chaîne)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "ldap_access_order (string)" msgid "ipa_access_order (string)" msgstr "ldap_access_order (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 #, fuzzy #| msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "<emphasis>expire</emphasis>: utiliser ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "Par défaut : utilise le DN de base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 #, fuzzy #| msgid "ipa_subdomains_search_base (string)" msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subdomains_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -11308,97 +11408,97 @@ msgstr "" "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 #, fuzzy #| msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Facultatif. Utilise la chaîne donnée comme base de recherche pour les objets " "HBAC associés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "mappages utilisateur SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche pour les " "domaines approuvés." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Facultatif. Utiliser la chaîne donnée comme base de recherche objet de " "domaine maître." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Par défaut : la valeur de <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -11407,7 +11507,7 @@ msgstr "" "valeur de <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -11416,37 +11516,37 @@ msgstr "" "convertit en DN de base pour effectuer les opérations LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (chaîne)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -11454,34 +11554,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "Par défaut : 5 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -11492,12 +11592,12 @@ msgstr "" "beaucoup de requêtes de contrôle d'accès sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (entier)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -11508,33 +11608,33 @@ msgstr "" "requêtes de connexions utilisateurs sur une courte période." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (booléen)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -11542,59 +11642,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "L'emplacement à automonter qu'utilisera ce client IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "Par défaut : Le lieu nommé « default »" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "ipa_view_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "ipa_view_name (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -11602,128 +11702,128 @@ msgid "Default: cn" msgstr "Par défaut : cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (chaîne)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -11733,12 +11833,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "FOURNISSEURS DE SOUS-DOMAINES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -11747,7 +11847,7 @@ msgstr "" "configuré explicitement ou implicitement." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -11759,7 +11859,7 @@ msgstr "" "serveur IPA si nécessaire." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -11779,12 +11879,12 @@ msgstr "" "fournisseur de sous-domaines est à nouveau activé." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -11792,7 +11892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -11802,80 +11902,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -11889,7 +11989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11900,7 +12000,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -13060,6 +13160,13 @@ msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +#, fuzzy +#| msgid "This option can also be set per-domain." +msgid "This option is deprecated." +msgstr "Cette option peut aussi être définie pour chaque domaine." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -13070,7 +13177,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -13085,7 +13192,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -13097,7 +13204,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -13115,19 +13222,19 @@ msgstr "" "<quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "Par défaut : 3600 (secondes)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -13137,7 +13244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -13148,7 +13255,7 @@ msgstr "" "exemples montrent seulement les options spécifiques au fournisseur AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -13172,7 +13279,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -13184,7 +13291,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -13195,7 +13302,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -13205,7 +13312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -19364,14 +19471,19 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 +#, fuzzy +#| msgid "" +#| "The SSSD ID-mapping algorithm takes a range of available UIDs and divides " +#| "it into equally-sized component sections - called \"slices\"-. Each slice " +#| "represents the space available to an Active Directory domain." msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" "L'algorithme de mise en correspondance des ID de SSSD tient un éventail " -"d'uid disponibles et le divise en sections de même taille, appelées « " -"tranches ». Chaque tranche représente l'espace disponible dans un domaine " +"d'uid disponibles et le divise en sections de même taille, appelées " +"« tranches ». Chaque tranche représente l'espace disponible dans un domaine " "Active Directory." #. type: Content of: <refsect1><refsect2><para> @@ -19558,7 +19670,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/ja.po b/src/man/po/ja.po index 0c582a45670..c8884a94604 100644 --- a/src/man/po/ja.po +++ b/src/man/po/ja.po @@ -12,7 +12,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2021-07-20 07:04+0000\n" "Last-Translator: Ludek Janda <ljanda@redhat.com>\n" "Language-Team: Japanese <https://translate.fedoraproject.org/projects/sssd/" @@ -139,19 +139,19 @@ msgstr "" #| "<filename>sssd.conf</filename> must be a regular file, owned by root and " #| "only root may read from or write to the file." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> は、root により所有され、root のみが読み書きで" "きる、通常のファイルである必要があります。" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -159,7 +159,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -168,7 +168,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -181,39 +181,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -222,64 +222,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "初期値: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "初期値: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 #, fuzzy #| msgid "debug_microseconds (bool)" msgid "debug_backtrace_enabled (bool)" msgstr "debug_microseconds (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -289,15 +289,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -309,17 +309,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -327,33 +327,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "初期値: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "特別セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "[sssd] セクション" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "セクションのパラメーター" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -362,7 +362,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -371,7 +371,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -379,12 +379,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -395,19 +395,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -415,12 +415,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -431,39 +431,39 @@ msgstr "" "manvolnum> </citerefentry> 互換形式。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "ユーザー名" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "SSSD 設定ファイルにおいて指定されるドメイン名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -472,19 +472,19 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." @@ -493,12 +493,12 @@ msgstr "" "conf の状態を監視するかどうかを制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -506,7 +506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -517,7 +517,7 @@ msgstr "" "です" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -526,7 +526,7 @@ msgstr "" "トフォームにおいては偽です。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -535,12 +535,12 @@ msgstr "" "ません。これらのプラットフォームにおいては、ポーリングが常に使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -549,7 +549,7 @@ msgstr "" "クトリーです。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -558,7 +558,7 @@ msgstr "" "よう SSSD に指示する、特別な値 __LIBKRB5_DEFAULTS__ を受け付けます。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -567,12 +567,12 @@ msgstr "" "ければ __LIBKRB5_DEFAULTS__ です)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -580,14 +580,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -597,17 +597,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -617,7 +624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -630,8 +637,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -639,12 +646,12 @@ msgid "Default: not set" msgstr "初期値: 設定されません" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -654,7 +661,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -663,22 +670,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -686,12 +693,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -699,61 +706,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -761,12 +768,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -774,24 +781,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 #, fuzzy #| msgid "" #| "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " @@ -808,12 +815,12 @@ msgstr "" "<quote>dns_discovery_domain</quote> パラメーターを参照してください。" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -822,7 +829,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -830,58 +837,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -892,7 +899,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -910,20 +917,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 #, fuzzy #| msgid "ipa_server_mode (boolean)" msgid "implicit_pac_responder (boolean)" msgstr "ipa_server_mode (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -931,14 +938,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 #, fuzzy #| msgid "dyndns_update (boolean)" msgid "core_dumpable (boolean)" msgstr "dyndns_update (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -946,28 +953,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "ipa_automount_location (string)" msgid "passkey_verification (string)" msgstr "ipa_automount_location (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "ipa_automount_location (string)" msgid "user_verification (boolean)" msgstr "ipa_automount_location (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -975,7 +982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -989,7 +996,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1005,12 +1012,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "サービスセクション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1022,22 +1029,22 @@ msgstr "" "ば、NSS サービスは <quote>[nss]</quote> セクションです" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "サービス設定の全体オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "これらのオプションはすべてのサービスを設定するために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1047,17 +1054,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1067,19 +1074,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 300" msgid "Default: 60, KCM: 300" msgstr "初期値: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1090,14 +1097,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1105,46 +1112,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "初期値: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1153,64 +1160,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 300" msgid "Default: 3600" msgstr "初期値: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "offline_failed_login_attempts (integer)" msgid "offline_timeout_random_offset (integer)" msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 300" msgid "Default: 30" msgstr "初期値: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1222,30 +1229,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "初期値: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "NSS 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1253,12 +1260,12 @@ msgstr "" "きます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1267,17 +1274,17 @@ msgstr "" "要求)。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "初期値: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1288,7 +1295,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1303,7 +1310,7 @@ msgstr "" "とをブロックする必要がありません。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1316,17 +1323,17 @@ msgstr "" "(0 はこの機能を無効にします)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "初期値: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1337,17 +1344,17 @@ msgstr "" "せ)をキャッシュする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "初期値: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1355,17 +1362,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1374,7 +1381,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1383,17 +1390,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "初期値: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1401,12 +1408,12 @@ msgstr "" "ションを偽に設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1415,7 +1422,7 @@ msgstr "" "ホームディレクトリーの標準テンプレートを設定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1423,7 +1430,7 @@ msgstr "" "同じです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1433,23 +1440,23 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "例: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1457,17 +1464,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "初期値: 設定なし (SSSD は LDAP から取得された値を使用します)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1475,13 +1482,13 @@ msgstr "" "す:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. シェルが <quote>/etc/shells</quote> に存在すると、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1490,7 +1497,7 @@ msgstr "" "ば、shell_fallback パラメーターの値を使用します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1499,12 +1506,12 @@ msgstr "" "ば、nologin シェルが使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1512,12 +1519,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "シェルの空文字列は libc にそのまま渡されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1527,27 +1534,27 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "初期値: 設定されません。ユーザーシェルが自動的に使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "これらのシェルのインスタンスをすべて shell_fallback に置き換えます" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1555,79 +1562,79 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "初期値: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "サブドメインのリストが有効とみなされる時間を秒単位で指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_timeout (integer)" msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_passwd (integer)" msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1635,27 +1642,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_group (integer)" msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1663,21 +1670,21 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "初期値: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_initgroups (integer)" msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1685,14 +1692,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "enum_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1701,12 +1708,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1717,38 +1724,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>permit</quote>" msgid "Default: <quote>*</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 #, fuzzy #| msgid "This option can also be set per-domain." msgid "" @@ -1757,7 +1764,7 @@ msgid "" msgstr "このオプションはドメインごとに設定できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1766,12 +1773,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "PAM 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -1780,12 +1787,12 @@ msgstr "" "ために使用できます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -1794,17 +1801,17 @@ msgstr "" "ラインログインの最終成功からの日数)です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -1812,12 +1819,12 @@ msgstr "" "認証プロバイダーがオフラインの場合、ログイン試行の失敗が許容される回数です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -1826,7 +1833,7 @@ msgstr "" "渡される分単位の時間です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1837,17 +1844,17 @@ msgstr "" "効にできます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "初期値: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -1856,44 +1863,44 @@ msgstr "" "きいほどメッセージが表示されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "現在 sssd は以下の値をサポートします:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: 何もメッセージを表示しない" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: 重要なメッセージのみを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: 情報レベルのメッセージを表示する" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "<emphasis>3</emphasis>: すべてのメッセージとデバッグ情報を表示する" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "初期値: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "ldap_access_filter (string)" msgid "pam_response_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1902,51 +1909,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1957,23 +1964,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1983,7 +1990,7 @@ msgstr "" "されるよう、SSSD は直ちにキャッシュされた識別情報を更新しようとします。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1996,17 +2003,17 @@ msgstr "" "アプリケーションごとに)制御します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "パスワードの期限が切れる前に N 日間警告を表示します。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2016,32 +2023,32 @@ msgstr "" "ことに注意してください。この情報がなければ、sssd は警告を表示します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "初期値: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2051,75 +2058,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "初期値: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2127,19 +2134,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2147,48 +2154,48 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 #, fuzzy #| msgid "ldap_chpass_update_last_change (bool)" msgid "pam_passkey_auth (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "初期値: True" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "初期値: 偽" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2196,36 +2203,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "ipa_automount_location (string)" msgid "pam_cert_verification (string)" msgstr "ipa_automount_location (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2235,7 +2242,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, fuzzy, no-wrap #| msgid "" #| "fallback_homedir = /home/%u\n" @@ -2248,63 +2255,63 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "simple_allow_users (string)" msgid "pam_p11_allowed_services (string)" msgstr "simple_allow_users (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2312,7 +2319,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2324,63 +2331,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2388,12 +2395,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2404,7 +2411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2412,7 +2419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2420,7 +2427,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2429,47 +2436,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2478,17 +2485,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 #, fuzzy #| msgid "Comma separated list of users who are allowed to log in." msgid "" @@ -2497,13 +2504,13 @@ msgid "" msgstr "ログインが許可されたユーザーのカンマ区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2511,7 +2518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, fuzzy, no-wrap #| msgid "" #| "fallback_homedir = /home/%u\n" @@ -2524,22 +2531,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2547,19 +2554,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2567,7 +2574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2582,7 +2589,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2590,45 +2597,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2636,7 +2643,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2644,19 +2651,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 #, fuzzy #| msgid "Default: not set (no substitution for unset home directories)" msgid "Default: not set (use of authentication indicators is not required)" msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "SUDO 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2667,12 +2674,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -2681,12 +2688,12 @@ msgstr "" "を評価するかしないかです。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2696,22 +2703,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "Autofs 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "これらのオプションが autofs サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2722,51 +2729,51 @@ msgstr "" "ヒットする秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "SSH 設定オプション" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "これらのオプションは SSH サービスを設定するために使用されます。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (論理値)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "初期値: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2775,12 +2782,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2790,7 +2797,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2798,7 +2805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2807,38 +2814,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2849,7 +2856,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2860,24 +2867,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2885,19 +2892,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2906,7 +2913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2915,26 +2922,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "ldap_schema (string)" msgid "pac_check (string)" msgstr "ldap_schema (文字列)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2945,24 +2952,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2970,24 +2977,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2999,7 +3006,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3010,41 +3017,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -3057,19 +3064,19 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3079,66 +3086,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3149,17 +3156,17 @@ msgstr "" "の可能性がある場合には、その後になります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3170,7 +3177,7 @@ msgstr "" "文字の変更などの可能性がある場合には、その後になります。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3179,65 +3186,65 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "simple_deny_users (string)" msgid "exclude_users (string)" msgstr "simple_deny_users (文字列)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No users excluded." msgstr "初期値: 空、つまり ldap_uri が使用されます。" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "simple_deny_groups (string)" msgid "exclude_groups (string)" msgstr "simple_deny_groups (文字列)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No groups excluded." msgstr "初期値: 空、つまり ldap_uri が使用されます。" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "ドメインセクション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3247,12 +3254,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3261,14 +3268,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3277,31 +3284,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3310,7 +3317,7 @@ msgstr "" "トリーを含む場合、それは無視されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3322,24 +3329,24 @@ msgstr "" "バーに対して、範囲内にあるものは予期されたものとして報告されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "初期値: min_id は 1, max_id は 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3348,36 +3355,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = ユーザーとグループが列挙されます" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = このドメインに対して列挙しません" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "初期値: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3391,7 +3398,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3400,7 +3407,7 @@ msgstr "" "れが完了するまで結果を返しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3413,14 +3420,14 @@ msgstr "" "てください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3428,32 +3435,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3462,12 +3469,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3476,7 +3483,7 @@ msgstr "" "数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3487,17 +3494,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "初期値: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -3506,19 +3513,19 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "初期値: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -3527,12 +3534,12 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -3541,12 +3548,12 @@ msgstr "" "有効であると考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -3555,48 +3562,48 @@ msgstr "" "考える秒数です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -3605,31 +3612,31 @@ msgstr "" "秒キャッシュするか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3638,17 +3645,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3660,18 +3667,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "初期値: 0 (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3682,7 +3689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3691,12 +3698,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3707,19 +3714,19 @@ msgstr "" "に保存する必要がある最小の長さを決定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3731,17 +3738,17 @@ msgstr "" "offline_credentials_expiration と同等以上でなければいけません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "初期値: 0 (無制限)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3750,17 +3757,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "初期値: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -3768,12 +3775,12 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3781,7 +3788,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3792,8 +3799,8 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 #, fuzzy #| msgid "" #| "<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " @@ -3811,8 +3818,8 @@ msgstr "" "い。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3823,12 +3830,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -3837,7 +3844,7 @@ msgstr "" "名形式により整形されたように) を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3850,7 +3857,7 @@ msgstr "" "んが、<command>getent passwd test@LOCAL</command> は見つけられます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3858,24 +3865,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3887,7 +3894,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3895,23 +3902,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -3920,7 +3927,7 @@ msgstr "" "ダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3931,7 +3938,7 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3942,19 +3949,19 @@ msgstr "" "manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" "<quote>proxy</quote> はいくつかの他の PAM ターゲットに認証を中継します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> は明示的に認証を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -3963,12 +3970,12 @@ msgstr "" "ならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3979,7 +3986,7 @@ msgstr "" "えます)。内部の特別プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -3988,12 +3995,12 @@ msgstr "" "ロバイダーのみアクセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> は常にアクセスを拒否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4006,7 +4013,7 @@ msgstr "" "citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4014,22 +4021,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "初期値: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4038,7 +4045,7 @@ msgstr "" "パスワード変更プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4046,7 +4053,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4057,7 +4064,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -4065,12 +4072,12 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> は明示的にパスワードの変更を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4079,19 +4086,19 @@ msgstr "" "うことができるならば、それが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "ドメインに使用される SUDO プロバイダーです。サポートされる SUDO プロバイダー" "は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4102,33 +4109,33 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> は SUDO を明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "初期値: <quote>id_provider</quote> の値が設定されていると使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4139,7 +4146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4148,12 +4155,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4161,7 +4168,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4169,31 +4176,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4201,7 +4208,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4210,17 +4217,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> はサブドメインの取り出しを明示的に無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4228,30 +4235,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4259,7 +4266,7 @@ msgstr "" "プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4270,7 +4277,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4281,7 +4288,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4289,17 +4296,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> は明示的に autofs を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4308,7 +4315,7 @@ msgstr "" "hostid プロバイダーは次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4319,31 +4326,31 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> を参照してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> は明示的に hostid を無効にします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4351,7 +4358,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4360,12 +4367,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4375,24 +4382,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4401,19 +4408,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4423,17 +4430,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "初期値: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -4442,80 +4449,80 @@ msgstr "" "します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "サポートする値:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: IPv4 アドレスの検索を試行します。失敗すると IPv6 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: ホスト名を IPv4 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: IPv6 アドレスの検索を試行します。失敗すると IPv4 を試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: ホスト名を IPv6 アドレスに名前解決することのみを試行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "初期値: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "初期値: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4523,17 +4530,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "初期値: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4542,14 +4549,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4557,7 +4564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4565,17 +4572,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "初期値: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -4584,19 +4591,19 @@ msgstr "" "イン部分を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "初期値: マシンのホスト名のドメイン部分を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "pam_id_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4604,59 +4611,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "初期値: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "プライマリー GID の値を指定されたもので上書きします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4664,14 +4671,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -4684,17 +4691,17 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4702,128 +4709,128 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "ldap_search_timeout (integer)" msgid "ldap_search_timeout" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "ldap_network_timeout (integer)" msgid "ldap_network_timeout" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_offline_timeout" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 #, fuzzy #| msgid "ldap_purge_cache_timeout (integer)" msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 #, fuzzy #| msgid "ldap_krb5_ticket_lifetime (integer)" msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "ldap_enumeration_search_timeout (integer)" msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4831,27 +4838,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "サブドメインのフラット (NetBIOS) 名。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4861,35 +4868,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "値は <emphasis>override_homedir</emphasis> オプションにより上書きできます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "初期値: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "このドメインのための realmd 設定サービスによって格納された様々なタグ。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4898,19 +4905,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4918,14 +4925,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4937,7 +4944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4949,7 +4956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4957,44 +4964,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy = match (default)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5003,7 +5010,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5014,7 +5021,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -5022,38 +5029,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: cn" msgid "Default: match" msgstr "初期値: cn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5062,24 +5069,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5089,14 +5096,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5104,21 +5111,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5126,7 +5133,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5135,7 +5142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5144,7 +5151,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -5155,17 +5162,17 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "中継するプロキシターゲット PAM です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 #, fuzzy #| msgid "" #| "Default: not set by default, you have to take an existing pam " @@ -5179,12 +5186,12 @@ msgstr "" "をここに追加する必要があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -5195,12 +5202,12 @@ msgstr "" "_nss_files_getpwent です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -5208,12 +5215,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -5222,12 +5229,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -5235,7 +5242,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -5244,12 +5251,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -5266,7 +5273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -5274,17 +5281,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -5293,7 +5300,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -5303,7 +5310,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -5323,12 +5330,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5339,69 +5346,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5414,7 +5421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5422,7 +5429,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5431,55 +5438,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5488,17 +5496,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5506,26 +5514,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5534,17 +5542,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5554,7 +5562,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5563,59 +5571,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5624,7 +5632,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5633,7 +5641,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5644,17 +5652,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5662,39 +5670,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 #, fuzzy #| msgid "" #| "The following expansions are supported: <placeholder " @@ -5707,7 +5715,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5716,7 +5724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5724,12 +5732,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, fuzzy, no-wrap #| msgid "" #| "[sssd]\n" @@ -5807,7 +5815,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5816,7 +5824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5824,7 +5832,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5835,7 +5843,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5846,7 +5854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -6148,8 +6156,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -6158,74 +6175,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "LDAP ユーザー操作を実行するために使用される初期バインド DN です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "初期バインド DN の認証トークンの形式です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "現在 2 つのメカニズムがサポートされます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "初期値: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -6237,12 +6254,12 @@ msgstr "" "場合、このオプションを 0 以外に設定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -6250,12 +6267,12 @@ msgstr "" "SSSD が列挙レコードのキャッシュを更新する前に待つ必要がある秒数を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -6266,7 +6283,7 @@ msgstr "" "削除する間隔を決めます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -6275,12 +6292,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -6291,7 +6308,7 @@ msgstr "" "のオプションは RFC2307 スキーマにおいて効果がありません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -6301,7 +6318,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -6311,37 +6328,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "初期値: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" "オプションです。ホストオブジェクトの検索ベースとして与えられた文字列を使用し" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -6350,32 +6367,32 @@ msgstr "" "してください。" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "初期値: <emphasis>ldap_search_base</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6383,7 +6400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6394,12 +6411,12 @@ msgstr "" "かもしれません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6407,12 +6424,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6428,12 +6445,12 @@ msgstr "" "citerefentry> が未使用を返した後のタイムアウト(秒単位)を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6442,12 +6459,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6456,7 +6473,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6467,38 +6484,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "初期値: 900 (15 分)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "ldap_connection_expire_timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_expire_timeout (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6506,17 +6523,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -6525,12 +6542,12 @@ msgstr "" "バーは 1 要求あたりの最大数の制限を強制します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6541,7 +6558,7 @@ msgstr "" "ことを報告する場合に、このオプションが使用されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -6551,7 +6568,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6562,17 +6579,17 @@ msgstr "" "があります。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "Active Directory の範囲の取得を無効化します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6582,12 +6599,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6595,17 +6612,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6613,12 +6630,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6626,7 +6643,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6637,7 +6654,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6646,7 +6663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6654,12 +6671,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6667,7 +6684,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6675,12 +6692,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -6689,7 +6706,7 @@ msgstr "" "クするものを指定します。以下の値のうち 1 つを指定できます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6698,7 +6715,7 @@ msgstr "" "確認しません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6709,7 +6726,7 @@ msgstr "" "無視され、セッションが通常通り進められます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6720,7 +6737,7 @@ msgstr "" "ンが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6730,22 +6747,22 @@ msgstr "" "なければ、もしくは不正な証明書が提供されれば、セッションが直ちに終了します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = <quote>demand</quote> と同じです" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "初期値: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -6755,7 +6772,7 @@ msgstr "" "書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -6764,12 +6781,12 @@ msgstr "" "filename> にあります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -6790,32 +6807,32 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "クライアントのキーに対する証明書を含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "クライアントのキーを含むファイルを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6823,12 +6840,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 #, fuzzy #| msgid "" #| "Specifies that the id_provider connection must also use <systemitem " @@ -6842,12 +6859,12 @@ msgstr "" "用する必要がある id_provider 接続を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6855,18 +6872,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "この機能は現在 ActiveDirectory objectSID マッピングのみサポートします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6877,24 +6894,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6905,12 +6922,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6923,7 +6940,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6935,17 +6952,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "初期値: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6953,17 +6970,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "初期値: krb5_realm の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -6972,33 +6989,33 @@ msgstr "" "するために逆引きを実行します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "初期値: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "初期値: システムのキーテーブル、通常 <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -7006,28 +7023,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "初期値: 86400 (24 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -7039,7 +7056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -7050,7 +7067,7 @@ msgstr "" "ば _tcp にフォールバックします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -7061,27 +7078,27 @@ msgstr "" "quote> を使用するよう設定ファイルを移行することが推奨されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "初期値: システムの初期値、<filename>/etc/krb5.conf</filename> 参照。" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -7090,12 +7107,12 @@ msgstr "" "します。この機能は MIT Kerberos >= 1.7 で利用可能です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -7105,7 +7122,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -7116,12 +7133,12 @@ msgstr "" "manvolnum> </citerefentry> マニュアルページを参照ください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -7130,7 +7147,7 @@ msgstr "" "す。以下の値が許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -7139,7 +7156,7 @@ msgstr "" "ンはサーバー側のパスワードポリシーを無効にできません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 #, fuzzy #| msgid "" #| "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" @@ -7156,7 +7173,7 @@ msgstr "" "manvolnum></citerefentry> 形式の属性を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -7167,24 +7184,24 @@ msgstr "" "とき、これらの属性を更新するために chpass_provider=krb5 を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "自動参照追跡が有効化されるかを指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -7193,7 +7210,7 @@ msgstr "" "sssd のみが参照追跡をサポートすることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -7206,28 +7223,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "サービス検索が有効にされているときに使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "初期値: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -7236,24 +7253,24 @@ msgstr "" "を検索するために使用するサービスの名前を指定します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "初期値: 設定されていません、つまりサービス検索が無効にされています" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -7262,12 +7279,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -7283,12 +7300,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "例:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -7297,14 +7314,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -7313,17 +7330,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "初期値: 空白" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -7332,7 +7349,7 @@ msgstr "" "ます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -7343,12 +7360,12 @@ msgstr "" "否します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "以下の値が許可されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -7357,7 +7374,7 @@ msgstr "" "ldap_user_shadow_expire の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -7366,7 +7383,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -7377,7 +7394,7 @@ msgstr "" "ldap_ns_account_lock の値を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -7390,7 +7407,7 @@ msgstr "" "クセスが許可されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -7398,23 +7415,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "アクセス制御オプションのカンマ区切り一覧です。許可される値は次のとおりです:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: ldap_access_filter を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7424,14 +7441,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7444,12 +7461,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7459,31 +7476,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -7491,7 +7508,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -7500,44 +7517,44 @@ msgstr "" "authorizedService 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: アクセス権を決めるために host 属性を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "初期値: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "値が複数使用されていると設定エラーになることに注意してください。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7546,22 +7563,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -7570,12 +7587,12 @@ msgstr "" "ションが許容されます:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: エイリアスが参照解決されません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -7584,7 +7601,7 @@ msgstr "" "決されますが、検索のベースオブジェクトの位置を探すときはされません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -7593,7 +7610,7 @@ msgstr "" "すときのみ参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -7602,7 +7619,7 @@ msgstr "" "きも位置を検索するときも参照解決されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -7611,12 +7628,12 @@ msgstr "" "して取り扱われます)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -7625,7 +7642,7 @@ msgstr "" "ユーザーを保持することができます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7636,7 +7653,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7644,64 +7661,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "debug_level (integer)" msgid "ldap_library_debug_level (integer)" msgstr "debug_level (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 #, fuzzy #| msgid "Default: 0 (disabled)" msgid "Default: 0 (libldap debugging disabled)" msgstr "初期値: 0 (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "ldap_id_mapping (boolean)" msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_id_mapping (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7709,14 +7726,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7739,12 +7756,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "SUDO オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7752,19 +7769,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -7773,24 +7790,24 @@ msgstr "" "ります" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "初期値: 21600 (6 時間)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7798,14 +7815,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7815,21 +7832,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 #, fuzzy #| msgid "ldap_idmap_range_size (integer)" msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_idmap_range_size (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7837,7 +7854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7845,29 +7862,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -7876,15 +7893,15 @@ msgstr "" "区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -7893,17 +7910,17 @@ msgstr "" "ならば、このオプションは効果を持ちません。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "初期値: 指定なし" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -7912,7 +7929,7 @@ msgstr "" "アドレスの空白区切り一覧です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -7920,38 +7937,38 @@ msgstr "" "このオプションが空白ならば、SSSD は自動的にアドレスを検索しようとします。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7963,59 +7980,59 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry> を参照してください" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "AUTOFS オプション" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "LDAP のオートマウントマスターマップの名前。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "高度なオプション" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -8024,22 +8041,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -8048,14 +8065,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "例" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -8066,7 +8083,7 @@ msgstr "" "す。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8079,27 +8096,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -8115,13 +8132,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "注記" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -10452,7 +10469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (論理値)" @@ -10467,7 +10484,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -10485,12 +10502,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -10511,12 +10528,12 @@ msgid "Default: 1200 (seconds)" msgstr "初期値: 1200 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10540,17 +10557,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10558,19 +10575,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 #, fuzzy #| msgid "dyndns_iface (string)" msgid "dyndns_auth_ptr (string)" msgstr "dyndns_iface (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -10578,7 +10595,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -10605,7 +10622,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (整数)" @@ -10618,12 +10635,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10637,7 +10654,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -10649,12 +10666,12 @@ msgid "Default: False (disabled)" msgstr "初期値: False (無効)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -10663,48 +10680,65 @@ msgstr "" "どうか。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10712,52 +10746,116 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: not set (no substitution for unset home directories)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "初期値: 設定なし (ホームディレクトリーの設定がない場合は代替なし)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_iface (文字列)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "ldap_access_order (string)" msgid "ipa_access_order (string)" msgstr "ldap_access_order (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 #, fuzzy #| msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "<emphasis>expire</emphasis>: ldap_account_expire_policy を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "初期値: ベース DN を使用します" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 #, fuzzy #| msgid "ipa_subdomains_search_base (string)" msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subdomains_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 #, fuzzy #| msgid "" #| "Optional. Use the given string as search base for HBAC related objects." @@ -10769,95 +10867,95 @@ msgstr "" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 #, fuzzy #| msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "初期値: <emphasis>cn=trusts,%basedn</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "オプションです。与えられた文字列を HBAC 関連オブジェクトに対する検索ベースと" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "オプションです。与えられた文字列を SELinux ユーザーマップに対する検索ベースと" "して使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "オプションです。信頼されたドメインに対する検索ベースとして、与えられた文字列" "を使用します。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "初期値: <emphasis>cn=trusts,%basedn</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "初期値: <emphasis>cn=ad,cn=etc,%basedn</emphasis> の値" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -10866,7 +10964,7 @@ msgstr "" "quote> の値です。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -10875,37 +10973,37 @@ msgstr "" "めに使用するベース DN に変換されます。" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10913,34 +11011,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "初期値: 5 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10948,12 +11046,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (整数)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10961,33 +11059,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10995,59 +11093,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (文字列)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "この IPA クライアントが使用する automounter の場所です" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "初期値: \"default\" という名前の場所" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -11055,128 +11153,128 @@ msgid "Default: cn" msgstr "初期値: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -11186,19 +11284,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -11209,7 +11307,7 @@ msgstr "" "メインのリクエストが必要に応じて IPA サーバーに送られます。" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -11221,12 +11319,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -11234,7 +11332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -11244,80 +11342,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -11331,7 +11429,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11342,7 +11440,7 @@ msgstr "" "例は IPA プロバイダー固有のオプションのみを示しています。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -12482,6 +12580,13 @@ msgstr "ldap_sudo_include_netgroups (論理値)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +#, fuzzy +#| msgid "This option can also be set per-domain." +msgid "This option is deprecated." +msgstr "このオプションはドメインごとに設定できます。" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -12492,7 +12597,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -12507,7 +12612,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -12519,7 +12624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -12530,19 +12635,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "初期値: 3600 (秒)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -12552,7 +12657,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -12563,7 +12668,7 @@ msgstr "" "AD プロバイダー固有のオプションのみ示してします。" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -12587,7 +12692,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -12599,7 +12704,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -12607,7 +12712,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -12617,7 +12722,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -18532,7 +18637,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -18687,7 +18792,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/lv.po b/src/man/po/lv.po index 9be270a9b7b..0676f2f78ee 100644 --- a/src/man/po/lv.po +++ b/src/man/po/lv.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2014-12-15 12:00-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Latvian (http://www.transifex.com/projects/p/sssd/language/" @@ -119,17 +119,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -137,7 +137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -146,7 +146,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -159,39 +159,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -200,62 +200,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -265,15 +265,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -285,17 +285,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -303,33 +303,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Noklusējuma: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "pakalpojumi" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -338,7 +338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -347,7 +347,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -355,12 +355,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domēni" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -371,19 +371,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -391,12 +391,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -404,70 +404,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -475,7 +475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -483,52 +483,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -536,14 +536,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -553,17 +553,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -573,7 +580,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -586,8 +593,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -595,12 +602,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -610,7 +617,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -619,22 +626,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -642,12 +649,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -655,61 +662,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -717,12 +724,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -730,24 +737,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -756,12 +763,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -770,7 +777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -778,58 +785,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -840,7 +847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -858,18 +865,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -877,12 +884,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -890,24 +897,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -915,7 +922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -923,7 +930,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -934,12 +941,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -948,22 +955,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -973,17 +980,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -993,19 +1000,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 300" msgid "Default: 60, KCM: 300" msgstr "Noklusējuma: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1016,14 +1023,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1031,46 +1038,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Noklusējuma: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1079,64 +1086,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 300" msgid "Default: 3600" msgstr "Noklusējuma: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "timeout (integer)" msgid "offline_timeout_random_offset (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 300" msgid "Default: 30" msgstr "Noklusējuma: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1148,58 +1155,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Noklusējuma: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1207,7 +1214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1217,7 +1224,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1226,17 +1233,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1244,17 +1251,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Noklusējuma: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1262,17 +1269,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1281,7 +1288,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1290,41 +1297,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1332,23 +1339,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1356,47 +1363,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1404,115 +1411,115 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "timeout (integer)" msgid "memcache_timeout (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1520,27 +1527,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "timeout (integer)" msgid "memcache_size_group (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1548,19 +1555,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1568,14 +1575,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1584,12 +1591,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1600,45 +1607,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>permit</quote>" msgid "Default: <quote>*</quote>" msgstr "Noklusējuma: <quote>atļaut</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1647,60 +1654,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Noklusējuma: 0 (bez ierobežojuma)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1708,59 +1715,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Noklusējuma: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1769,51 +1776,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1824,23 +1831,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1848,7 +1855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1857,17 +1864,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1875,32 +1882,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1910,75 +1917,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1986,19 +1993,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2006,46 +2013,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2053,34 +2060,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2090,7 +2097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2098,61 +2105,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2160,7 +2167,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2172,63 +2179,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2236,12 +2243,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2252,7 +2259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2260,7 +2267,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2268,7 +2275,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2277,47 +2284,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2326,30 +2333,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2357,7 +2364,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2365,22 +2372,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2388,19 +2395,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2408,7 +2415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2423,7 +2430,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2431,45 +2438,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2477,7 +2484,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2485,17 +2492,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2506,24 +2513,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2533,22 +2540,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2556,51 +2563,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2609,12 +2616,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2624,7 +2631,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2632,7 +2639,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2641,38 +2648,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2683,7 +2690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2694,24 +2701,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2719,19 +2726,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2740,7 +2747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2749,24 +2756,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2777,24 +2784,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2802,24 +2809,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2831,7 +2838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2842,60 +2849,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2905,66 +2912,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2972,17 +2979,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2990,7 +2997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2999,57 +3006,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3059,12 +3066,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3073,14 +3080,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3089,38 +3096,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3129,24 +3136,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3155,36 +3162,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3198,14 +3205,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3214,14 +3221,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3229,32 +3236,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3263,19 +3270,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3286,139 +3293,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3427,17 +3434,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3449,18 +3456,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3471,7 +3478,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3480,12 +3487,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3493,19 +3500,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3514,17 +3521,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Noklusējuma: 0 (neierobežots)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3533,28 +3540,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3562,7 +3569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3570,8 +3577,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3579,8 +3586,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3588,19 +3595,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3609,7 +3616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3617,24 +3624,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3646,7 +3653,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3654,30 +3661,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3685,7 +3692,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3693,30 +3700,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3724,19 +3731,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3745,7 +3752,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3753,29 +3760,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "Noklusējuma: <quote>atļaut</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3783,7 +3790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3791,35 +3798,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3827,32 +3834,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3863,7 +3870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3872,12 +3879,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3885,7 +3892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3893,31 +3900,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3925,7 +3932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3934,17 +3941,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3952,36 +3959,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3989,7 +3996,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3997,7 +4004,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4005,24 +4012,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4030,31 +4037,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4062,7 +4069,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4071,12 +4078,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4086,24 +4093,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4112,19 +4119,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4134,93 +4141,93 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Noklusējuma: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "Atbalstītās vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4228,17 +4235,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4247,14 +4254,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4262,7 +4269,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4270,38 +4277,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 #, fuzzy #| msgid "Default: 6" msgid "Default: TRUE" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4309,59 +4316,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 1" msgid "Default: 31" msgstr "Noklusējuma: 1" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4369,31 +4376,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4401,114 +4408,114 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "timeout (integer)" msgid "ldap_offline_timeout" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "timeout (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "timeout (integer)" msgid "ldap_enumeration_search_timeout" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "timeout (integer)" msgid "ldap_connection_expire_timeout" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "timeout (integer)" msgid "ldap_connection_expire_offset" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4516,27 +4523,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4546,34 +4553,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4582,19 +4589,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4602,12 +4609,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4619,7 +4626,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4631,7 +4638,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4639,42 +4646,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4683,7 +4690,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4694,7 +4701,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4702,38 +4709,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: 6" msgid "Default: match" msgstr "Noklusējuma: 6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4742,24 +4749,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4769,14 +4776,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4784,21 +4791,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4806,7 +4813,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4815,7 +4822,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4824,7 +4831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4832,17 +4839,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4850,12 +4857,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4863,12 +4870,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4876,12 +4883,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4890,12 +4897,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4903,19 +4910,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4932,7 +4939,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4940,17 +4947,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4959,7 +4966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4969,7 +4976,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4989,12 +4996,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5005,69 +5012,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5080,7 +5087,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5088,7 +5095,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5097,55 +5104,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5154,17 +5162,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5172,26 +5180,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5200,17 +5208,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5220,7 +5228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5229,59 +5237,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5290,7 +5298,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5299,7 +5307,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5310,17 +5318,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5328,46 +5336,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5376,7 +5384,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5384,12 +5392,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5418,7 +5426,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5427,7 +5435,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5435,7 +5443,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5446,7 +5454,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5457,7 +5465,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5727,8 +5735,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5737,74 +5754,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "Divi pašlaik atbalstītie mehānismi ir:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "parole" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5813,24 +5830,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5838,7 +5855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5847,12 +5864,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5860,7 +5877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5870,7 +5887,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5880,67 +5897,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5948,7 +5965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5956,12 +5973,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5969,12 +5986,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5985,12 +6002,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5999,12 +6016,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6013,7 +6030,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6024,38 +6041,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "noildze (vesels skaitlis)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6063,29 +6080,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6093,14 +6110,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6108,17 +6125,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6128,12 +6145,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6141,17 +6158,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6159,12 +6176,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6172,7 +6189,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6183,7 +6200,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6192,7 +6209,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6200,12 +6217,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6213,7 +6230,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6221,26 +6238,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6248,7 +6265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6256,7 +6273,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6264,41 +6281,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6308,32 +6325,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6341,12 +6358,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6354,12 +6371,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6367,17 +6384,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6388,24 +6405,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6416,12 +6433,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6434,7 +6451,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6446,17 +6463,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6464,49 +6481,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6514,28 +6531,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Noklusējuma: 86400 (24 stundas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6547,7 +6564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6555,7 +6572,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6563,39 +6580,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6605,7 +6622,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6613,26 +6630,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6641,7 +6658,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6649,31 +6666,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6686,51 +6703,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "Noklusējuma: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6739,12 +6756,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6760,12 +6777,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Piemērs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6774,14 +6791,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6790,24 +6807,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6815,19 +6832,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "Atļautas šādas vērtības:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6836,7 +6853,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6844,7 +6861,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6853,7 +6870,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6861,22 +6878,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6886,14 +6903,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6906,12 +6923,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6921,31 +6938,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6953,50 +6970,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Noklusējuma: filtrēt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7005,74 +7022,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7083,7 +7100,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7091,58 +7108,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7150,12 +7167,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7178,12 +7195,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7191,43 +7208,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7235,14 +7252,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7252,19 +7269,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7272,7 +7289,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7280,106 +7297,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7388,59 +7405,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "PAPLAŠINĀTĀS IESPĒJAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7449,22 +7466,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7473,14 +7490,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "PIEMĒRS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7488,7 +7505,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7501,27 +7518,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7537,13 +7554,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "PIEZĪMES" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9784,7 +9801,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9799,7 +9816,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9814,12 +9831,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9840,12 +9857,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9869,17 +9886,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9887,17 +9904,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9905,7 +9922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9932,7 +9949,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9945,12 +9962,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9964,7 +9981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9976,60 +9993,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10037,177 +10071,233 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +msgid "dyndns_dot_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10215,34 +10305,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10250,12 +10340,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10263,33 +10353,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10297,59 +10387,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10357,128 +10447,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10488,19 +10578,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10508,7 +10598,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10520,12 +10610,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10533,7 +10623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10543,80 +10633,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10630,7 +10720,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10638,7 +10728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11770,6 +11860,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11780,7 +11875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11795,7 +11890,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11807,7 +11902,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11818,19 +11913,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11840,7 +11935,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11848,7 +11943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11863,7 +11958,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11872,7 +11967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11880,7 +11975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11890,7 +11985,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17453,7 +17548,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17598,7 +17693,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/nl.po b/src/man/po/nl.po index 9f888ecb79f..f3c94e44b26 100644 --- a/src/man/po/nl.po +++ b/src/man/po/nl.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2014-12-15 12:02-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Dutch (http://www.transifex.com/projects/p/sssd/language/" @@ -136,19 +136,19 @@ msgstr "" #| "<filename>sssd.conf</filename> must be a regular file, owned by root and " #| "only root may read from or write to the file." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> moet een standaardbestand zijn, de eigenaar " "moet root zijn en alleen root mag hem lezen en schrijven." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -156,7 +156,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -165,7 +165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -178,39 +178,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -219,64 +219,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Standaard: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 #, fuzzy #| msgid "debug_timestamps (bool)" msgid "debug_backtrace_enabled (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -286,15 +286,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -306,17 +306,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -324,33 +324,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "SPECIALE SECTIES" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "De [sssd] sectie" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Sectie parameters" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "diensten" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -359,7 +359,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -368,7 +368,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -376,12 +376,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domeinen" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -392,19 +392,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -412,12 +412,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -425,70 +425,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -496,7 +496,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -507,7 +507,7 @@ msgstr "" "gezet worden" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -516,7 +516,7 @@ msgstr "" "systemen." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -526,12 +526,12 @@ msgstr "" "conf." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -540,26 +540,26 @@ msgstr "" "opslaan." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -567,14 +567,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -584,17 +584,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -604,7 +611,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -617,8 +624,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -626,12 +633,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -641,7 +648,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -650,22 +657,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -673,12 +680,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -686,61 +693,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -748,12 +755,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -761,24 +768,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -787,12 +794,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -801,7 +808,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -809,58 +816,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -871,7 +878,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -889,18 +896,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -908,12 +915,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -921,28 +928,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "re_expression (string)" msgid "passkey_verification (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "re_expression (string)" msgid "user_verification (boolean)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -950,7 +957,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -958,7 +965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -969,12 +976,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "SERVICES SECTIE" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -983,22 +990,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Algemene service configuratie-opties" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Deze opties kunnen gebruikt worden om services te configureren." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1008,17 +1015,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1028,19 +1035,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 3" msgid "Default: 60, KCM: 300" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1051,14 +1058,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1066,46 +1073,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1114,62 +1121,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 3" msgid "Default: 3600" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 3" msgid "Default: 30" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1181,30 +1188,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "NSS configuratie-opties" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1212,12 +1219,12 @@ msgstr "" "configurere." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1226,17 +1233,17 @@ msgstr "" "over alle gebruikers)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Standaard: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1244,7 +1251,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1254,7 +1261,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1263,17 +1270,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1281,17 +1288,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1299,17 +1306,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1318,7 +1325,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1327,41 +1334,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1369,23 +1376,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1393,47 +1400,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1441,117 +1448,117 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_timeout (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_passwd (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1559,27 +1566,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_group (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1587,21 +1594,21 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_initgroups (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1609,14 +1616,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1625,12 +1632,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1641,45 +1648,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>%1$s@%2$s</quote>." msgid "Default: <quote>*</quote>" msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1688,60 +1695,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1749,61 +1756,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "re_expression (string)" msgid "pam_response_filter (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1812,51 +1819,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1867,23 +1874,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1891,7 +1898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1900,17 +1907,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1918,32 +1925,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Standaard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1953,75 +1960,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2029,19 +2036,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2049,46 +2056,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2096,36 +2103,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "re_expression (string)" msgid "pam_cert_verification (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2135,7 +2142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2143,63 +2150,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "re_expression (string)" msgid "pam_p11_allowed_services (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2207,7 +2214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2219,63 +2226,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2283,12 +2290,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2299,7 +2306,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2307,7 +2314,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2315,7 +2322,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2324,47 +2331,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2373,30 +2380,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2404,7 +2411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2412,22 +2419,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2435,19 +2442,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2455,7 +2462,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2470,7 +2477,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2478,45 +2485,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2524,7 +2531,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2532,17 +2539,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2553,24 +2560,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2580,22 +2587,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2603,51 +2610,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2656,12 +2663,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2671,7 +2678,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2679,7 +2686,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2688,38 +2695,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2730,7 +2737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2741,24 +2748,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2766,19 +2773,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2787,7 +2794,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2796,26 +2803,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "re_expression (string)" msgid "pac_check (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2826,24 +2833,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2851,24 +2858,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2880,7 +2887,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2891,60 +2898,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2954,66 +2961,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3021,17 +3028,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3039,7 +3046,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3048,59 +3055,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "re_expression (string)" msgid "exclude_users (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3110,12 +3117,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3124,14 +3131,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3140,38 +3147,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3180,24 +3187,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3206,36 +3213,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3249,14 +3256,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3265,14 +3272,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3280,32 +3287,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3314,19 +3321,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3337,139 +3344,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3478,17 +3485,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3500,18 +3507,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3522,7 +3529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3531,12 +3538,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3544,19 +3551,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3565,17 +3572,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3584,28 +3591,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3613,7 +3620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3621,8 +3628,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3630,8 +3637,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3639,19 +3646,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3660,7 +3667,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3668,24 +3675,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3697,7 +3704,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3705,30 +3712,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3736,7 +3743,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3744,30 +3751,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3775,19 +3782,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3796,7 +3803,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3804,29 +3811,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3834,7 +3841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3842,35 +3849,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3878,32 +3885,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3914,7 +3921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3923,12 +3930,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3936,7 +3943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3944,31 +3951,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3976,7 +3983,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3985,17 +3992,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4003,36 +4010,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4040,7 +4047,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4048,7 +4055,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4056,24 +4063,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4081,31 +4088,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4113,7 +4120,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4122,12 +4129,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4137,24 +4144,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4163,19 +4170,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4185,93 +4192,93 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standaard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "entry_negative_timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "entry_negative_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "entry_negative_timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "entry_negative_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4279,17 +4286,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4298,14 +4305,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "entry_negative_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "entry_negative_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4313,7 +4320,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4321,38 +4328,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 #, fuzzy #| msgid "Default: 3" msgid "Default: TRUE" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "entry_negative_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "entry_negative_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4360,59 +4367,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4420,31 +4427,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4452,114 +4459,114 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "enum_cache_timeout (integer)" msgid "ldap_offline_timeout" msgstr "enum_cache_timeout (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "reconnection_retries (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "reconnection_retries (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "reconnection_retries (integer)" msgid "ldap_enumeration_search_timeout" msgstr "reconnection_retries (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "reconnection_retries (integer)" msgid "ldap_connection_expire_timeout" msgstr "reconnection_retries (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "reconnection_retries (integer)" msgid "ldap_connection_expire_offset" msgstr "reconnection_retries (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4567,27 +4574,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4597,34 +4604,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4633,19 +4640,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4653,14 +4660,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "re_expression (string)" msgid "local_auth_policy (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4672,7 +4679,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4684,7 +4691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4692,44 +4699,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "re_expression (string)" msgid "local_auth_policy = match (default)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4738,7 +4745,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4749,7 +4756,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4757,38 +4764,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: 3" msgid "Default: match" msgstr "Standaard: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4797,24 +4804,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4824,14 +4831,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4839,21 +4846,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4861,7 +4868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4870,7 +4877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4879,7 +4886,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4887,17 +4894,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4905,12 +4912,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4918,12 +4925,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4931,12 +4938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4945,12 +4952,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4958,19 +4965,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4987,7 +4994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4995,17 +5002,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -5014,7 +5021,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -5024,7 +5031,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -5044,12 +5051,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5060,69 +5067,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5135,7 +5142,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5143,7 +5150,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5152,55 +5159,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5209,17 +5217,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5227,26 +5235,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5255,17 +5263,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5275,7 +5283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5284,59 +5292,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5345,7 +5353,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5354,7 +5362,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5365,17 +5373,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5383,46 +5391,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5431,7 +5439,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5439,12 +5447,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5473,7 +5481,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5482,7 +5490,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5490,7 +5498,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5501,7 +5509,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5512,7 +5520,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5782,8 +5790,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5792,74 +5809,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5868,24 +5885,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5893,7 +5910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5902,12 +5919,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5915,7 +5932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5925,7 +5942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5935,67 +5952,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6003,7 +6020,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6011,12 +6028,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6024,12 +6041,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6040,12 +6057,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6054,12 +6071,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6068,7 +6085,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6079,38 +6096,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "reconnection_retries (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "reconnection_retries (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6118,29 +6135,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6148,14 +6165,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6163,17 +6180,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6183,12 +6200,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6196,17 +6213,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6214,12 +6231,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6227,7 +6244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6238,7 +6255,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6247,7 +6264,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6255,12 +6272,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6268,7 +6285,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6276,26 +6293,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6303,7 +6320,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6311,7 +6328,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6319,41 +6336,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6363,32 +6380,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6396,12 +6413,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6409,12 +6426,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6422,17 +6439,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6443,24 +6460,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6471,12 +6488,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6489,7 +6506,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6501,17 +6518,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6519,49 +6536,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6569,28 +6586,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6602,7 +6619,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6610,7 +6627,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6618,39 +6635,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6660,7 +6677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6668,26 +6685,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6696,7 +6713,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6704,31 +6721,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6741,51 +6758,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6794,12 +6811,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6815,12 +6832,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6829,14 +6846,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6845,24 +6862,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6870,19 +6887,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6891,7 +6908,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6899,7 +6916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6908,7 +6925,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6916,22 +6933,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6941,14 +6958,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6961,12 +6978,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6976,31 +6993,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -7008,50 +7025,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7060,74 +7077,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7138,7 +7155,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7146,62 +7163,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "debug_level (integer)" msgid "ldap_library_debug_level (integer)" msgstr "debug_level (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "re_expression (string)" msgid "ldap_use_ppolicy (boolean)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7209,14 +7226,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "debug_level (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "debug_level (numeriek)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7239,12 +7256,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7252,43 +7269,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7296,14 +7313,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7313,19 +7330,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7333,7 +7350,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7341,106 +7358,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7449,59 +7466,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7510,22 +7527,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7534,14 +7551,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7549,7 +7566,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7562,27 +7579,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7598,13 +7615,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9851,7 +9868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9866,7 +9883,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9881,12 +9898,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9907,12 +9924,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9936,17 +9953,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9954,17 +9971,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9972,7 +9989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9999,7 +10016,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -10012,12 +10029,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10031,7 +10048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -10043,60 +10060,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10104,179 +10138,237 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "re_expression (string)" +msgid "dyndns_dot_key (string)" +msgstr "re_expression (tekst)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "re_expression (string)" msgid "ipa_access_order (string)" msgstr "re_expression (tekst)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10284,34 +10376,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10319,12 +10411,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10332,33 +10424,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10366,59 +10458,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10426,128 +10518,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10557,19 +10649,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10577,7 +10669,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10589,12 +10681,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10602,7 +10694,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10612,80 +10704,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10699,7 +10791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10707,7 +10799,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11833,6 +11925,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11843,7 +11940,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11858,7 +11955,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11870,7 +11967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11881,19 +11978,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11903,7 +12000,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11911,7 +12008,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11926,7 +12023,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11935,7 +12032,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11943,7 +12040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11953,7 +12050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17528,7 +17625,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17673,7 +17770,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/pt.po b/src/man/po/pt.po index c5c47a06ade..051b6363cee 100644 --- a/src/man/po/pt.po +++ b/src/man/po/pt.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2014-12-15 12:05-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Portuguese (http://www.transifex.com/projects/p/sssd/language/" @@ -131,19 +131,19 @@ msgstr "" #| "<filename>sssd.conf</filename> must be a regular file, owned by root and " #| "only root may read from or write to the file." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> deve ser um ficheiro regular, pertencente a " "raiz e somente raiz pode ler ou gravar o arquivo." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -151,7 +151,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -160,7 +160,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -173,39 +173,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -214,64 +214,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Padrão: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 #, fuzzy #| msgid "debug_microseconds (bool)" msgid "debug_backtrace_enabled (bool)" msgstr "debug_microseconds (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -281,15 +281,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -301,17 +301,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -319,33 +319,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Padrão: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "SECÇÕES ESPECIAIS" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "A seção [SSSD]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Parâmetros de secção" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "serviços" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -354,7 +354,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -363,7 +363,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -371,12 +371,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domínios" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -387,19 +387,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -407,12 +407,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -420,70 +420,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -491,7 +491,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -499,52 +499,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -552,14 +552,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -569,17 +569,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -589,7 +596,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -602,8 +609,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -611,12 +618,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -626,7 +633,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -635,22 +642,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -658,12 +665,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -671,61 +678,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -733,12 +740,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -746,24 +753,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -772,12 +779,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -786,7 +793,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -794,58 +801,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -856,7 +863,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -874,20 +881,20 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 #, fuzzy #| msgid "ldap_krb5_init_creds (boolean)" msgid "implicit_pac_responder (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -895,14 +902,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 #, fuzzy #| msgid "krb5_validate (boolean)" msgid "core_dumpable (boolean)" msgstr "krb5_validate (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -910,28 +917,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 #, fuzzy #| msgid "ldap_user_principal (string)" msgid "passkey_verification (string)" msgstr "ldap_user_principal (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 #, fuzzy #| msgid "ldap_user_principal (string)" msgid "user_verification (boolean)" msgstr "ldap_user_principal (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -939,7 +946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -947,7 +954,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -958,12 +965,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -972,22 +979,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -997,17 +1004,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1017,19 +1024,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 300" msgid "Default: 60, KCM: 300" msgstr "Padrão: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1040,14 +1047,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1055,46 +1062,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Padrão: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 #, fuzzy #| msgid "timeout (integer)" msgid "offline_timeout_max (integer)" msgstr "timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1103,64 +1110,64 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 300" msgid "Default: 3600" msgstr "Padrão: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "offline_timeout_random_offset (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 300" msgid "Default: 30" msgstr "Padrão: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1172,58 +1179,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Padrão: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1231,7 +1238,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1241,7 +1248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1250,17 +1257,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Padrão: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1268,17 +1275,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1286,17 +1293,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1305,7 +1312,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1314,41 +1321,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1356,23 +1363,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1380,47 +1387,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1428,117 +1435,117 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Padrão: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 #, fuzzy #| msgid "entry_cache_timeout (integer)" msgid "memcache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 #, fuzzy #| msgid "entry_cache_timeout (integer)" msgid "memcache_size_passwd (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1546,27 +1553,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 #, fuzzy #| msgid "entry_cache_timeout (integer)" msgid "memcache_size_group (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1574,21 +1581,21 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Padrão: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 #, fuzzy #| msgid "entry_cache_timeout (integer)" msgid "memcache_size_initgroups (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1596,14 +1603,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 #, fuzzy #| msgid "entry_cache_timeout (integer)" msgid "memcache_size_sid (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1612,12 +1619,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1628,45 +1635,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: <quote>%1$s@%2$s</quote>." msgid "Default: <quote>*</quote>" msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1675,60 +1682,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1736,61 +1743,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Padrão: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 #, fuzzy #| msgid "access_provider (string)" msgid "pam_response_filter (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1799,51 +1806,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1854,23 +1861,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1878,7 +1885,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1887,17 +1894,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1905,32 +1912,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1940,75 +1947,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Padrão: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2016,19 +2023,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2036,46 +2043,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2083,36 +2090,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 #, fuzzy #| msgid "ldap_user_principal (string)" msgid "pam_cert_verification (string)" msgstr "ldap_user_principal (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2122,7 +2129,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2130,63 +2137,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "passkey_child_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 #, fuzzy #| msgid "allowed_shells (string)" msgid "pam_p11_allowed_services (string)" msgstr "allowed_shells (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2194,7 +2201,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2206,63 +2213,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2270,12 +2277,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2286,7 +2293,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2294,7 +2301,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2302,7 +2309,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2311,47 +2318,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2360,30 +2367,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2391,7 +2398,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2399,22 +2406,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2422,19 +2429,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2442,7 +2449,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2457,7 +2464,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2465,45 +2472,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2511,7 +2518,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2519,17 +2526,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2540,24 +2547,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2567,22 +2574,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2590,51 +2597,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2643,12 +2650,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2658,7 +2665,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2666,7 +2673,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2675,38 +2682,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2717,7 +2724,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2728,24 +2735,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2753,19 +2760,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2774,7 +2781,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2783,26 +2790,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 #, fuzzy #| msgid "ipa_hostname (string)" msgid "pac_check (string)" msgstr "ipa_hostname (string)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2813,24 +2820,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2838,24 +2845,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2867,7 +2874,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2878,60 +2885,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2941,66 +2948,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3008,17 +3015,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3026,7 +3033,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3035,65 +3042,65 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 #, fuzzy #| msgid "ldap_user_shell (string)" msgid "exclude_users (string)" msgstr "ldap_user_shell (string)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No users excluded." msgstr "Padrão: empty, ou seja, ldap_uri é usado." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 #, fuzzy #| msgid "ldap_group_search_base (string)" msgid "exclude_groups (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 #, fuzzy #| msgid "Default: empty, i.e. ldap_uri is used." msgid "Default: Empty. No groups excluded." msgstr "Padrão: empty, ou seja, ldap_uri é usado." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "SECÇÕES DE DOMÍNIO" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3103,12 +3110,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3117,14 +3124,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3133,38 +3140,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3173,24 +3180,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Padrão: 1 para min_id, 0 (sem limite) para max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3199,36 +3206,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Padrão: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3242,14 +3249,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3258,14 +3265,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3273,32 +3280,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3307,19 +3314,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3330,139 +3337,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Padrão: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3471,17 +3478,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3493,18 +3500,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3515,7 +3522,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3524,12 +3531,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3537,19 +3544,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3558,17 +3565,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Padrão: 0 (ilimitado)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3577,28 +3584,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3606,7 +3613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3614,8 +3621,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3623,8 +3630,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3632,19 +3639,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3653,7 +3660,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3661,24 +3668,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3690,7 +3697,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3698,30 +3705,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3729,7 +3736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3737,30 +3744,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3768,19 +3775,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3789,7 +3796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3797,29 +3804,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3827,7 +3834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3835,35 +3842,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3871,32 +3878,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3907,7 +3914,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3916,12 +3923,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3929,7 +3936,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3937,31 +3944,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3969,7 +3976,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3978,17 +3985,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3996,36 +4003,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4033,7 +4040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4041,7 +4048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4049,24 +4056,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4074,31 +4081,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4106,7 +4113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4115,12 +4122,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4130,24 +4137,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4156,19 +4163,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4178,93 +4185,93 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Default: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "Default: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "Padrão: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4272,17 +4279,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Padrão: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4291,14 +4298,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 #, fuzzy #| msgid "dns_resolver_timeout (integer)" msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4306,7 +4313,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4314,36 +4321,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Padrão: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 #, fuzzy #| msgid "pam_id_timeout (integer)" msgid "failover_primary_timeout (integer)" msgstr "pam_id_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4351,59 +4358,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Padrão: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4411,31 +4418,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4443,126 +4450,126 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 #, fuzzy #| msgid "ldap_search_timeout (integer)" msgid "ldap_search_timeout" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 #, fuzzy #| msgid "ldap_network_timeout (integer)" msgid "ldap_network_timeout" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_offline_timeout" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 #, fuzzy #| msgid "ldap_krb5_ticket_lifetime (integer)" msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_connection_expire_timeout" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_connection_expire_offset" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 #, fuzzy #| msgid "ldap_enumeration_refresh_timeout (integer)" msgid "ldap_connection_idle_timeout" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4570,27 +4577,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4600,34 +4607,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4636,19 +4643,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4656,14 +4663,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4675,7 +4682,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4687,7 +4694,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4695,44 +4702,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 #, fuzzy #| msgid "ldap_pwd_policy (string)" msgid "local_auth_policy = match (default)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4741,7 +4748,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4752,7 +4759,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4760,38 +4767,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: cn" msgid "Default: match" msgstr "Padrão: NC" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4800,24 +4807,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4827,14 +4834,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4842,21 +4849,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4864,7 +4871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4873,7 +4880,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4882,7 +4889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4890,17 +4897,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4908,12 +4915,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4921,12 +4928,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4934,12 +4941,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4948,12 +4955,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4961,19 +4968,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4990,7 +4997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4998,17 +5005,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -5017,7 +5024,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -5027,7 +5034,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -5047,12 +5054,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -5063,69 +5070,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5138,7 +5145,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5146,7 +5153,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5155,55 +5162,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5212,17 +5220,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5230,26 +5238,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5258,17 +5266,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5278,7 +5286,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5287,59 +5295,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5348,7 +5356,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5357,7 +5365,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5368,17 +5376,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5386,46 +5394,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5434,7 +5442,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5442,12 +5450,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, fuzzy, no-wrap #| msgid "" #| "[sssd]\n" @@ -5525,7 +5533,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5534,7 +5542,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5542,7 +5550,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5553,7 +5561,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5564,7 +5572,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5838,8 +5846,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5848,74 +5865,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5924,24 +5941,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5949,7 +5966,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5958,12 +5975,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5971,7 +5988,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5981,7 +5998,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5991,67 +6008,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -6059,7 +6076,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -6067,12 +6084,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -6080,12 +6097,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -6096,12 +6113,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -6110,12 +6127,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -6124,7 +6141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -6135,38 +6152,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 #, fuzzy #| msgid "ldap_network_timeout (integer)" msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_network_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6174,29 +6191,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6204,14 +6221,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6219,17 +6236,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6239,12 +6256,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6252,17 +6269,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6270,12 +6287,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6283,7 +6300,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6294,7 +6311,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6303,7 +6320,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6311,12 +6328,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6324,7 +6341,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6332,19 +6349,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -6353,7 +6370,7 @@ msgstr "" "qualquer certificado de servidor." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6361,7 +6378,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6369,7 +6386,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6377,41 +6394,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "Padrão: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6421,32 +6438,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6454,12 +6471,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6467,12 +6484,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6480,17 +6497,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6501,24 +6518,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6529,12 +6546,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6547,7 +6564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6559,17 +6576,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6577,50 +6594,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Padrão: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Padrão: Sistema keytab, normalmente <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6628,28 +6645,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Padrão: 86400 (24 horas)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6661,7 +6678,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6669,7 +6686,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6677,39 +6694,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6719,7 +6736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6727,26 +6744,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6755,7 +6772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6763,31 +6780,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6800,51 +6817,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6853,12 +6870,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6874,12 +6891,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6888,14 +6905,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6904,24 +6921,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6929,19 +6946,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6950,7 +6967,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6958,7 +6975,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6967,7 +6984,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6975,22 +6992,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7000,14 +7017,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -7020,12 +7037,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -7035,31 +7052,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -7067,50 +7084,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Padrão: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -7119,74 +7136,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7197,7 +7214,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7205,62 +7222,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 #, fuzzy #| msgid "ldap_page_size (integer)" msgid "ldap_library_debug_level (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 #, fuzzy #| msgid "ldap_id_use_start_tls (boolean)" msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7268,14 +7285,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_page_size (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_page_size (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7298,12 +7315,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7311,43 +7328,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7355,14 +7372,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7372,21 +7389,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 #, fuzzy #| msgid "ldap_opt_timeout (integer)" msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_opt_timeout (integer)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7394,7 +7411,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7402,106 +7419,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7510,59 +7527,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "OPÇÕES AVANÇADAS" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7571,22 +7588,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7595,14 +7612,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "EXEMPLO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7610,7 +7627,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7623,27 +7640,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7659,13 +7676,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTAS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9916,7 +9933,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9931,7 +9948,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9946,12 +9963,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9972,12 +9989,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -10001,17 +10018,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -10019,19 +10036,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 #, fuzzy #| msgid "auth_provider (string)" msgid "dyndns_auth_ptr (string)" msgstr "auth_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -10039,7 +10056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -10066,7 +10083,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -10079,12 +10096,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -10098,7 +10115,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -10110,60 +10127,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10171,181 +10205,243 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "ldap_tls_cacert (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "ldap_tls_cacert (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "auth_provider (string)" +msgid "dyndns_dot_cert (string)" +msgstr "auth_provider (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "auth_provider (string)" +msgid "dyndns_dot_key (string)" +msgstr "auth_provider (string)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 #, fuzzy #| msgid "access_provider (string)" msgid "ipa_access_order (string)" msgstr "access_provider (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "Default: Use base DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 #, fuzzy #| msgid "ipa_hbac_search_base (string)" msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_hbac_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (string)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10353,34 +10449,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10388,12 +10484,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10401,33 +10497,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10435,59 +10531,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10495,128 +10591,128 @@ msgid "Default: cn" msgstr "Padrão: NC" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10626,19 +10722,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10646,7 +10742,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10658,12 +10754,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10671,7 +10767,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10681,80 +10777,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10768,7 +10864,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10776,7 +10872,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11902,6 +11998,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11912,7 +12013,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11927,7 +12028,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11939,7 +12040,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11950,19 +12051,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11972,7 +12073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11980,7 +12081,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11995,7 +12096,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -12004,7 +12105,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -12012,7 +12113,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -12022,7 +12123,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17619,7 +17720,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17764,7 +17865,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/pt_BR.po b/src/man/po/pt_BR.po index 1bf219a83d3..5fefead5972 100644 --- a/src/man/po/pt_BR.po +++ b/src/man/po/pt_BR.po @@ -4,7 +4,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2017-01-29 10:11-0500\n" "Last-Translator: Rodrigo de Araujo Sousa Fonseca " "<rodrigodearaujo@fedoraproject.org>\n" @@ -113,17 +113,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -131,7 +131,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -140,7 +140,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -153,39 +153,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "OPÇÕES GERAIS " #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -194,62 +194,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -259,15 +259,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -279,17 +279,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -297,33 +297,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -332,7 +332,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -341,7 +341,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -349,12 +349,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -365,19 +365,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -385,12 +385,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -398,70 +398,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -469,7 +469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -477,52 +477,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -530,14 +530,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -547,17 +547,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -567,7 +574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -580,8 +587,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -589,12 +596,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -604,7 +611,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -613,22 +620,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -636,12 +643,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -649,61 +656,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -711,12 +718,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -724,24 +731,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -750,12 +757,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -764,7 +771,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -772,58 +779,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -834,7 +841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -852,18 +859,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -871,12 +878,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -884,24 +891,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -909,7 +916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -917,7 +924,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -928,12 +935,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -942,22 +949,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -967,17 +974,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -987,17 +994,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1008,14 +1015,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1023,44 +1030,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1069,58 +1076,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 msgid "Default: 3600" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1132,58 +1139,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1191,7 +1198,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1201,7 +1208,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1210,17 +1217,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1228,17 +1235,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1246,17 +1253,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1265,7 +1272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1274,41 +1281,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1316,23 +1323,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1340,47 +1347,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1388,113 +1395,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1502,25 +1509,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1528,19 +1535,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1548,12 +1555,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1562,12 +1569,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1578,43 +1585,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1623,60 +1630,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1684,59 +1691,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1745,51 +1752,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1800,23 +1807,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1824,7 +1831,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1833,17 +1840,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1851,32 +1858,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1886,75 +1893,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1962,19 +1969,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1982,46 +1989,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2029,34 +2036,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2066,7 +2073,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2074,59 +2081,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2134,7 +2141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2146,63 +2153,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2210,12 +2217,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2226,7 +2233,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2234,7 +2241,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2242,7 +2249,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2251,47 +2258,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2300,30 +2307,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2331,7 +2338,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2339,22 +2346,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2362,19 +2369,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2382,7 +2389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2397,7 +2404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2405,45 +2412,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2451,7 +2458,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2459,17 +2466,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2480,24 +2487,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2507,22 +2514,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2530,51 +2537,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2583,12 +2590,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2598,7 +2605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2606,7 +2613,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2615,38 +2622,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2657,7 +2664,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2668,24 +2675,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2693,19 +2700,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2714,7 +2721,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2723,24 +2730,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2751,24 +2758,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2776,24 +2783,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2805,7 +2812,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2816,60 +2823,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2879,66 +2886,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2946,17 +2953,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2964,7 +2971,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2973,57 +2980,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3033,12 +3040,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3047,14 +3054,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3063,38 +3070,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3103,24 +3110,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3129,36 +3136,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3172,14 +3179,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3188,14 +3195,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3203,32 +3210,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3237,19 +3244,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3260,139 +3267,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3401,17 +3408,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3423,18 +3430,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3445,7 +3452,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3454,12 +3461,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3467,19 +3474,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3488,17 +3495,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3507,28 +3514,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3536,7 +3543,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3544,8 +3551,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3553,8 +3560,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3562,19 +3569,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3583,7 +3590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3591,24 +3598,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3620,7 +3627,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3628,30 +3635,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3659,7 +3666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3667,30 +3674,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3698,19 +3705,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3719,7 +3726,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3727,29 +3734,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3757,7 +3764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3765,35 +3772,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3801,32 +3808,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3837,7 +3844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3846,12 +3853,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3859,7 +3866,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3867,31 +3874,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3899,7 +3906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3908,17 +3915,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3926,36 +3933,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3963,7 +3970,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3971,7 +3978,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3979,24 +3986,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4004,31 +4011,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4036,7 +4043,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4045,12 +4052,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4060,24 +4067,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4086,19 +4093,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4108,89 +4115,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4198,17 +4205,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4217,12 +4224,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4230,7 +4237,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4238,34 +4245,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4273,57 +4280,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 msgid "Default: 31" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4331,31 +4338,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4363,104 +4370,104 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4468,27 +4475,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4498,34 +4505,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4534,19 +4541,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4554,12 +4561,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4571,7 +4578,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4583,7 +4590,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4591,42 +4598,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4635,7 +4642,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4646,7 +4653,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4654,36 +4661,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 msgid "Default: match" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4692,24 +4699,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4719,14 +4726,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4734,21 +4741,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4756,7 +4763,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4765,7 +4772,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4774,7 +4781,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4782,17 +4789,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4800,12 +4807,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4813,12 +4820,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4826,12 +4833,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4840,12 +4847,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4853,19 +4860,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4882,7 +4889,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4890,17 +4897,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4909,7 +4916,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4919,7 +4926,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4939,12 +4946,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4955,69 +4962,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5030,7 +5037,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5038,7 +5045,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5047,55 +5054,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5104,17 +5112,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5122,26 +5130,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5150,17 +5158,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5170,7 +5178,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5179,59 +5187,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5240,7 +5248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5249,7 +5257,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5260,17 +5268,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5278,46 +5286,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5326,7 +5334,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5334,12 +5342,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5368,7 +5376,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5377,7 +5385,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5385,7 +5393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5396,7 +5404,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5407,7 +5415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5677,8 +5685,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5687,74 +5704,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5763,24 +5780,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5788,7 +5805,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5797,12 +5814,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5810,7 +5827,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5820,7 +5837,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5830,67 +5847,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5898,7 +5915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5906,12 +5923,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5919,12 +5936,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5935,12 +5952,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5949,12 +5966,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5963,7 +5980,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -5974,36 +5991,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6011,29 +6028,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6041,14 +6058,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6056,17 +6073,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6076,12 +6093,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6089,17 +6106,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6107,12 +6124,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6120,7 +6137,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6131,7 +6148,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6140,7 +6157,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6148,12 +6165,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6161,7 +6178,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6169,26 +6186,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6196,7 +6213,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6204,7 +6221,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6212,41 +6229,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6256,32 +6273,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6289,12 +6306,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6302,12 +6319,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6315,17 +6332,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6336,24 +6353,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6364,12 +6381,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6382,7 +6399,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6394,17 +6411,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6412,49 +6429,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6462,28 +6479,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6495,7 +6512,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6503,7 +6520,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6511,39 +6528,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6553,7 +6570,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6561,26 +6578,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6589,7 +6606,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6597,31 +6614,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6634,51 +6651,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6687,12 +6704,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6708,12 +6725,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6722,14 +6739,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6738,24 +6755,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6763,19 +6780,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6784,7 +6801,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6792,7 +6809,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6801,7 +6818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6809,22 +6826,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6834,14 +6851,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6854,12 +6871,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6869,31 +6886,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6901,50 +6918,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6953,74 +6970,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7031,7 +7048,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7039,58 +7056,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7098,12 +7115,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7126,12 +7143,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7139,43 +7156,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7183,14 +7200,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7200,19 +7217,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7220,7 +7237,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7228,106 +7245,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7336,59 +7353,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7397,22 +7414,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7421,14 +7438,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7436,7 +7453,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7449,27 +7466,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7485,13 +7502,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9730,7 +9747,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9745,7 +9762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9760,12 +9777,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9786,12 +9803,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9815,17 +9832,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9833,17 +9850,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9851,7 +9868,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9878,7 +9895,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9891,12 +9908,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9910,7 +9927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9922,60 +9939,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9983,177 +10017,233 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +msgid "dyndns_dot_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10161,34 +10251,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10196,12 +10286,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10209,33 +10299,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10243,59 +10333,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10303,128 +10393,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10434,19 +10524,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10454,7 +10544,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10466,12 +10556,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10479,7 +10569,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10489,80 +10579,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10576,7 +10666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10584,7 +10674,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11710,6 +11800,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11720,7 +11815,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11735,7 +11830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11747,7 +11842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11758,19 +11853,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11780,7 +11875,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11788,7 +11883,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11803,7 +11898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11812,7 +11907,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11820,7 +11915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11830,7 +11925,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17389,7 +17484,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17534,7 +17629,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/ru.po b/src/man/po/ru.po index f94c9e15a03..ee55452ae42 100644 --- a/src/man/po/ru.po +++ b/src/man/po/ru.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2024-09-24 08:39+0000\n" "Last-Translator: Elena Mishina <lepata@basealt.ru>\n" "Language-Team: Russian <https://translate.fedoraproject.org/projects/sssd/" @@ -136,21 +136,26 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 +#, fuzzy +#| msgid "" +#| "<filename>sssd.conf</filename> must be a regular file that is owned, " +#| "readable, and writeable by the same user as configured to run SSSD " +#| "service." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> должен быть обычным файлом, который должен " "принадлежать и быть доступен для чтения и записи пользователю, который " "настроен для запуска службы SSSD." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "ФРАГМЕНТЫ КОНФИГУРАЦИИ ИЗ КАТАЛОГА ВКЛЮЧЕНИЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -160,7 +165,7 @@ msgstr "" "конфигурации из каталога <filename>conf.d</filename>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -173,7 +178,7 @@ msgstr "" "SSSD вместе с файлом <filename>sssd.conf</filename>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -195,7 +200,7 @@ msgstr "" "визуализировать приоритет (чем больше число, тем выше приоритет)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." @@ -204,32 +209,32 @@ msgstr "" "файл <filename>sssd.conf</filename>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "ОБЩИЕ ПАРАМЕТРЫ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "Следующие параметры используются в нескольких разделах конфигурации." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "Параметры, используемые во всех разделах" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "debug (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -242,12 +247,12 @@ msgstr "" "использовано значение <replaceable>debug_level</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." @@ -256,23 +261,23 @@ msgstr "" "отладки SSSD включена служба journald, этот параметр будет игнорироваться." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "По умолчанию: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." @@ -282,27 +287,27 @@ msgstr "" "игнорироваться." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "debug_backtrace_enabled (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "Включить обратную трассировку отладки." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -318,7 +323,7 @@ msgstr "" "случае — до 2)." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." @@ -327,8 +332,8 @@ msgstr "" "на другие типы журнала)." #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -340,17 +345,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Параметры, используемые в разделах SERVICE и DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -362,33 +367,33 @@ msgstr "" "завершит свою работу." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "По умолчанию: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "ОСОБЫЕ РАЗДЕЛЫ" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "Раздел [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Параметры раздела" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -401,7 +406,7 @@ msgstr "" "необходимости будут активированы с помощью сокета или D-Bus. </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 #, fuzzy #| msgid "" #| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</" @@ -422,7 +427,7 @@ msgstr "" "condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -433,12 +438,12 @@ msgstr "" "следующей команды: «systemctl enable sssd-@service@.socket». </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -456,12 +461,12 @@ msgstr "" "Символ «/» использовать нельзя." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." @@ -470,7 +475,7 @@ msgstr "" "содержащей имя пользователя и домен, для выделения этих частей." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -482,12 +487,12 @@ msgstr "" "разделе справки «РАЗДЕЛЫ ДОМЕНА»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -498,32 +503,32 @@ msgstr "" "создания полностью определённого имени из имени пользователя и имени домена." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "имя пользователя" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "имя домена, указанное в файле конфигурации SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -533,7 +538,7 @@ msgstr "" "доверия IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -542,7 +547,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." @@ -551,12 +556,12 @@ msgstr "" "сведения об этом параметре доступны в разделе справки «РАЗДЕЛЫ ДОМЕНОВ»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "monitor_resolv_conf (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." @@ -566,12 +571,12 @@ msgstr "" "сопоставителя DNS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -582,7 +587,7 @@ msgstr "" "этого снова будет выполняться опрос каждые пять секунд." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -592,7 +597,7 @@ msgstr "" "В таких случаях в этот параметр следует установить значение «false»" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -601,7 +606,7 @@ msgstr "" "других платформах." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -611,12 +616,12 @@ msgstr "" "использоваться опрос." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -625,7 +630,7 @@ msgstr "" "повтора Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -635,7 +640,7 @@ msgstr "" "повтора." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -644,12 +649,12 @@ msgstr "" "(__LIBKRB5_DEFAULTS__, если не настроено)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "user (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -660,7 +665,7 @@ msgstr "" "пользователя root. Единственное поддерживаемое значение — «&sssd_user_name;»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." @@ -670,7 +675,7 @@ msgstr "" "метод)." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -686,18 +691,25 @@ msgstr "" "«&sssd_user_name;», либо от имени «root»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" "По умолчанию: не задано, процесс будет запущен от имени пользователя root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -713,7 +725,7 @@ msgstr "" "не указывая имя домена." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -737,8 +749,8 @@ msgstr "" "параметр default_domain_suffix. </phrase>" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -746,12 +758,12 @@ msgid "Default: not set" msgstr "По умолчанию: не задано" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "override_space (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -767,7 +779,7 @@ msgstr "" "пробел является стандартным разделителем полей." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -780,22 +792,22 @@ msgstr "" "вернуть неизменённое имя, но в целом результат поиска будет не определён." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "По умолчанию: не задано (пробелы не будут заменены)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "certificate_verification (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "no_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -805,12 +817,12 @@ msgstr "" "сертификате серверы OCSP недоступны со стороны клиента." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "soft_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -822,12 +834,12 @@ msgstr "" "связаться с ответчиком OCSP." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "ocsp_dgst" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" @@ -836,39 +848,39 @@ msgstr "" "сертификата для запроса OCSP. Допустимые значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "sha1" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "sha384" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "sha512" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" "По умолчанию: sha1 (для обеспечения совместимости с ответчиком, " "соответствующим стандарту RFC5019)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "no_verification" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." @@ -877,12 +889,12 @@ msgstr "" "тестирования." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "partial_chain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -894,12 +906,12 @@ msgstr "" "сертификата, который может быть не самоподписанным." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "ocsp_default_responder=URL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -910,12 +922,12 @@ msgstr "" "стандартного ответчика OCSP, например: http://example.com:80/ocsp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "ocsp_default_responder_signing_cert=NAME" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." @@ -924,12 +936,12 @@ msgstr "" "должны быть доступны в файле PEM, указанном параметром pam_cert_db_path." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "crl_file=/ПУТЬ/К/ФАЙЛУ/CRL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -942,12 +954,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "soft_crl" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -960,7 +972,7 @@ msgstr "" "в автономном режиме и нельзя обновить CRL." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -971,22 +983,22 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "Неизвестные параметры передаются, но игнорируются." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "По умолчанию: не задано, то есть не ограничивать проверку сертификатов" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "disable_netlink (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." @@ -995,7 +1007,7 @@ msgstr "" "маршрутах,адресах, ссылках и вызова определённых действий." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" @@ -1005,17 +1017,17 @@ msgstr "" "«true»" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "По умолчанию: false (изменения netlink обнаруживаются)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "enable_files_domain (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." @@ -1024,12 +1036,12 @@ msgstr "" "доменами неявный домен с<quote>id_provider=files</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "domain_resolution_order" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -1046,7 +1058,7 @@ msgstr "" "будет выполняться в случайном порядке для каждого родительского домена." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -1079,18 +1091,18 @@ msgstr "" "пользователей в разных доменах могут быть одинаковыми." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "По умолчанию: не задано" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "implicit_pac_responder (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -1101,12 +1113,12 @@ msgstr "" "значение «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "core_dumpable (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -1118,17 +1130,17 @@ msgstr "" "доступны на справочной странице prctl:PR_SET_DUMPABLE." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "passkey_verification (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "user_verification (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." @@ -1138,7 +1150,7 @@ msgstr "" "запрашиваться всегда." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -1149,7 +1161,7 @@ msgstr "" "перезаписано сервером." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -1160,7 +1172,7 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1177,12 +1189,12 @@ msgstr "" "<quote>[sssd]</quote>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "РАЗДЕЛЫ СЛУЖБ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1195,22 +1207,22 @@ msgstr "" "раздел <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Общие параметры настройки служб" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Эти параметры можно использовать для настройки любых служб." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1226,17 +1238,17 @@ msgstr "" "ограничением «hard» в limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "По умолчанию: 8192 (или ограничение «hard» в limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1251,17 +1263,17 @@ msgstr "" "на 10 секунд." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "По умолчанию: 60, KCM: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1279,7 +1291,7 @@ msgstr "" "следующей формуле:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" @@ -1288,7 +1300,7 @@ msgstr "" "offline_timeout_random_offset]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1300,7 +1312,7 @@ msgstr "" "количество секунд до следующей попытки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." @@ -1309,18 +1321,18 @@ msgstr "" "параметром offline_timeout_max (кроме случайной части)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "По умолчанию: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "offline_timeout_max (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." @@ -1329,12 +1341,12 @@ msgstr "" "сеть после неудачных попыток восстановления подключения." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "Значение «0» отключает использование приращения." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." @@ -1343,7 +1355,7 @@ msgstr "" "offline_timeout." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1357,7 +1369,7 @@ msgstr "" "4 раза превышать значение offline_timeout." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." @@ -1367,17 +1379,17 @@ msgstr "" "имеет практического смысла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 msgid "Default: 3600" msgstr "По умолчанию: 3600" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout_random_offset (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" @@ -1386,7 +1398,7 @@ msgstr "" "внутренним серверам через заданные промежутки времени:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" @@ -1396,27 +1408,27 @@ msgstr "" "случайное число, принадлежащее диапазону:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "[0 - offline_timeout_random_offset]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "Значение «0» отключает добавление случайной задержки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "По умолчанию: 30" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1435,18 +1447,18 @@ msgstr "" "активируются с помощью сокетов или D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "По умолчанию: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "cache_first" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." @@ -1455,12 +1467,12 @@ msgstr "" "опросом поставщиков данных." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "Параметры настройки NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1468,12 +1480,12 @@ msgstr "" "(NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1482,17 +1494,17 @@ msgstr "" "пользователях) в кэше nss_sss в секундах" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "По умолчанию: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1503,7 +1515,7 @@ msgstr "" "значения entry_cache_timeout для домена." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1519,7 +1531,7 @@ msgstr "" "ожидании обновления кэша." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1533,17 +1545,17 @@ msgstr "" "значения «0» отключает эту возможность." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "По умолчанию: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1555,17 +1567,17 @@ msgstr "" "серверу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "По умолчанию: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "local_negative_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1577,17 +1589,17 @@ msgstr "" "возможность." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "По умолчанию: 14400 (4 часа)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1602,7 +1614,7 @@ msgstr "" "(UPN)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1616,17 +1628,17 @@ msgstr "" "отфильтрованной вложенной группы." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "По умолчанию: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1634,12 +1646,12 @@ msgstr "" "установите этот параметр в значение «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1648,7 +1660,7 @@ msgstr "" "явно не указан поставщиком данных домена." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1656,7 +1668,7 @@ msgstr "" "параметра override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1666,23 +1678,23 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "пример: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "По умолчанию: не задано (без замен для незаданных домашних каталогов)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1694,19 +1706,19 @@ msgstr "" "домена отдельно." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "По умолчанию: не задано (SSSD будет использовать значение, полученное от " "LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1714,14 +1726,14 @@ msgstr "" "Порядок вычисления:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Если оболочка присутствует в файле <quote>/etc/shells</quote>, будет " "использована она." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1730,7 +1742,7 @@ msgstr "" "etc/shells</quote>, использовать значение параметра shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1739,14 +1751,14 @@ msgstr "" "shells</quote>, будет использована оболочка, которая не требует входа." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" "Чтобы разрешить использование любой оболочки, можно использовать " "подстановочный знак (*)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1757,12 +1769,12 @@ msgstr "" "ведение списка всех разрешённых оболочек в allowed_shells было бы излишним." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "Пустая строка оболочки передаётся libc «как есть»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1771,28 +1783,28 @@ msgstr "" "Следовательно, в случае установки новой оболочки потребуется перезапуск SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" "По умолчанию: не задано. Автоматически используется оболочка пользователя." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Заменять все экземпляры этих оболочек на shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1800,17 +1812,17 @@ msgstr "" "оболочка не установлена на компьютере." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "По умолчанию: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1820,7 +1832,7 @@ msgstr "" "разделе [nss] или для каждого домена отдельно." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1829,12 +1841,12 @@ msgstr "" "положиться на libc в плане подстановки подходящего варианта, обычно /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1843,12 +1855,12 @@ msgstr "" "действительным." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "memcache_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." @@ -1858,7 +1870,7 @@ msgstr "" "отключит кэш в памяти." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." @@ -1868,8 +1880,8 @@ msgstr "" "только для тестирования." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1879,12 +1891,12 @@ msgstr "" "памяти." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "memcache_size_passwd (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1895,13 +1907,13 @@ msgstr "" "памяти для запросов passwd." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "По умолчанию: 8" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." @@ -1910,12 +1922,12 @@ msgstr "" "значительное негативное воздействие на производительность SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "memcache_size_group (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1926,19 +1938,19 @@ msgstr "" "памяти для запросов group." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "По умолчанию: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "memcache_size_initgroups (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1949,12 +1961,12 @@ msgstr "" "отключит кэш в памяти для запросов групп инициализации." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "memcache_size_sid (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1967,12 +1979,12 @@ msgstr "" "размера в значение «0» отключит кэш SID в памяти." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "user_attributes (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1989,7 +2001,7 @@ msgstr "" "manvolnum> </citerefentry>), но без стандартных значений." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -1998,17 +2010,17 @@ msgstr "" "ли он для ответчика NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "По умолчанию: не задано, использовать параметр InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "pwfield (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -2017,12 +2029,12 @@ msgstr "" "вернут для поля <quote>password</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "По умолчанию: <quote>*</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." @@ -2031,7 +2043,7 @@ msgstr "" "что будет иметь приоритет над значением в разделе [nss]." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -2043,12 +2055,12 @@ msgstr "" "<quote>x</quote> (домен прокси с nss_files и целью sssd-shadowutils)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "Параметры настройки PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -2057,12 +2069,12 @@ msgstr "" "проверки подлинности (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -2072,17 +2084,17 @@ msgstr "" "момента последнего успешного входа)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "По умолчанию: 0 (без ограничений)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -2091,12 +2103,12 @@ msgstr "" "режиме, сколько следует допускать неудачных попыток входа." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -2106,7 +2118,7 @@ msgstr "" "входа." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -2118,17 +2130,17 @@ msgstr "" "возможной, необходимо успешно пройти проверку подлинности в сетевом режиме." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "По умолчанию: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -2137,43 +2149,43 @@ msgstr "" "подлинности. Чем больше число, тем больше сообщений будет показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "В настоящее время sssd поддерживает следующие значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показывать никаких сообщений" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показывать только важные сообщения" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показывать информационные сообщения" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показывать все сообщения и отладочную информацию" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "По умолчанию: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "pam_response_filter (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -2187,7 +2199,7 @@ msgstr "" "установлены pam_sss)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -2196,37 +2208,37 @@ msgstr "" "параметр позволяет отфильтровать также и другие типы ответов." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "Не отправлять никаким службам никакие переменные среды." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "ENV:var_name" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "Не отправлять переменную среды var_name никаким службам." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "ENV:var_name:service" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "Не отправлять переменную среды var_name указанной службе." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -2235,7 +2247,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -2253,23 +2265,23 @@ msgstr "" "префикса только для части элементов списка считается ошибкой." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "По умолчанию: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "Пример: -ENV:KRB5CCNAME:sudo-i удалит фильтр из списка стандартных" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2281,7 +2293,7 @@ msgstr "" "данные." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2295,17 +2307,17 @@ msgstr "" "обменов данными с поставщиком данных идентификации." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "Показать предупреждение за N дней до истечения срока действия пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2316,7 +2328,7 @@ msgstr "" "сможет показать предупреждение." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2326,7 +2338,7 @@ msgstr "" "показано автоматически." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2335,18 +2347,18 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для конкретного домена." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "По умолчанию: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2361,12 +2373,12 @@ msgstr "" "quote>. Имена пользователей разрешаются в UID при запуске." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "По умолчанию: все пользователи считаются доверенными по умолчанию" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2375,12 +2387,12 @@ msgstr "" "если этот идентификатор пользователя отсутствует в списке pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "pam_public_domains (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2389,12 +2401,12 @@ msgstr "" "недоверенных пользователей." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "Для параметра pam_public_domains определены два специальных значения:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -2402,7 +2414,7 @@ msgstr "" "PAM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2411,19 +2423,19 @@ msgstr "" "PAM)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "По умолчанию: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2432,17 +2444,17 @@ msgstr "" "которое заменит стандартное сообщение «Доступ запрещён»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" "Примечание: следует учитывать, что для службы SSH сообщение будет показано " -"только при условии, что параметр pam_verbosity установлен в значение " -"«3» (показывать все сообщения и отладочную информацию)." +"только при условии, что параметр pam_verbosity установлен в значение «3» " +"(показывать все сообщения и отладочную информацию)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2452,12 +2464,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2466,7 +2478,7 @@ msgstr "" "стандартное сообщение «Доступ запрещён»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2476,46 +2488,46 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "pam_passkey_auth (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "Включить аутентификацию на основе ключа доступа." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "По умолчанию: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "passkey_debug_libfido2 (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "Включить отладочные сообщения библиотеки libfido2." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "По умолчанию: false" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2526,22 +2538,22 @@ msgstr "" "задержит процесс проверки подлинности, по умолчанию этот параметр отключён." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "Путь к базе данных сертификатов." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "По умолчанию:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" @@ -2550,12 +2562,12 @@ msgstr "" "CA в формате PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "pam_cert_verification (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2570,7 +2582,7 @@ msgstr "" "<quote>certificate_verification</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2580,7 +2592,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." @@ -2590,24 +2602,24 @@ msgstr "" "quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" "Разрешённое количество секунд, в течение которого pam_sss ожидает завершения " "работы p11_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "passkey_child_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" @@ -2615,12 +2627,12 @@ msgstr "" "завершения работы passkey_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "pam_app_services (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2629,12 +2641,12 @@ msgstr "" "типа <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "pam_p11_allowed_services (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." @@ -2643,7 +2655,7 @@ msgstr "" "использовать смарт-карты." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2653,7 +2665,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2672,63 +2684,63 @@ msgstr "" "конфигурацию: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "По умолчанию: стандартный набор имён служб PAM включает:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "p11_wait_for_card_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2739,12 +2751,12 @@ msgstr "" "p11_child_timeout) ответчик PAM должен ожидать вставки смарт-карты." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "p11_uri (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2762,7 +2774,7 @@ msgstr "" "чтения." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2772,7 +2784,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2782,7 +2794,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2796,17 +2808,17 @@ msgstr "" "URI PKCS#11." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "pam_initgroups_scheme" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "always" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" @@ -2814,12 +2826,12 @@ msgstr "" "pam_id_timeout всё равно применяется)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "no_session" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" @@ -2828,12 +2840,12 @@ msgstr "" "то есть тогда, когда пользователь не находится в системе" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "never" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" @@ -2842,7 +2854,7 @@ msgstr "" "до тех пор, пока они не устареют" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2855,17 +2867,17 @@ msgstr "" "допустимые значения: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "По умолчанию: no_session" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "pam_gssapi_services" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." @@ -2874,7 +2886,7 @@ msgstr "" "проверку подлинности по GSSAPI с помощью модуля pam_sss_gss.so." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" @@ -2882,7 +2894,7 @@ msgstr "" "параметр в значение <quote>-</quote> (дефис)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2894,7 +2906,7 @@ msgstr "" "в разделе домена." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2904,22 +2916,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Пример: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "По умолчанию: - (проверка подлинности с помощью GSSAPI отключена)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "pam_gssapi_check_upn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2931,7 +2943,7 @@ msgstr "" "такой привязки нет, проверка подлинности завершится ошибкой." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." @@ -2940,12 +2952,12 @@ msgstr "" "пользователей, получивших необходимый билет службы." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "pam_gssapi_indicators_map" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2957,7 +2969,7 @@ msgstr "" "pam_sss_gss.so." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2984,7 +2996,7 @@ msgstr "" "доступ." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2996,7 +3008,7 @@ msgstr "" "<quote>service:-</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" @@ -3005,7 +3017,7 @@ msgstr "" "индикаторов проверки подлинности:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." @@ -3014,7 +3026,7 @@ msgstr "" "которые хранятся в файлах или на смарт-картах." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." @@ -3023,13 +3035,13 @@ msgstr "" "предварительная проверка подлинности, помещённая в канал FAST." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" "radius — предварительная проверка подлинности с помощью сервера RADIUS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." @@ -3038,14 +3050,14 @@ msgstr "" "двухфакторной аутентификации (2FA или одноразовый пароль, OTP) в IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" "idp -- предварительная аутентификация с использованием внешнего поставщика " "удостоверений." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -3055,7 +3067,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -3067,19 +3079,19 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" "По умолчанию: не задано (использование индикаторов проверки подлинности не " "требуется)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "Параметры настройки SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -3096,12 +3108,12 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -3110,12 +3122,12 @@ msgstr "" "предназначенные для определения временных ограничений для записей sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -3131,22 +3143,22 @@ msgstr "" "к поискам команд и групп команд sudo IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "Параметры настройки AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "Эти параметры можно использовать для настройки службы autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -3157,22 +3169,22 @@ msgstr "" "например, несуществующих) перед повторным запросом к внутреннему серверу." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "Параметры настройки SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "Эти параметры можно использовать для настройки службы SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -3180,12 +3192,12 @@ msgstr "" "Следует ли хэшировать имена и адреса узлов в управляемом файле known_hosts." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -3194,17 +3206,17 @@ msgstr "" "управляемом файле known_hosts после запроса ключей этого узла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "По умолчанию: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (логическое значение)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -3218,12 +3230,12 @@ msgstr "" "<manvolnum>1</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "ssh_use_certificate_matching_rules (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -3239,7 +3251,7 @@ msgstr "" "другие правила будут игнорироваться." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -3251,7 +3263,7 @@ msgstr "" "ключи SSH будут создаваться на основе всех действительных сертификатов." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -3265,7 +3277,7 @@ msgstr "" "подлинности сертификатов." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." @@ -3274,7 +3286,7 @@ msgstr "" "выбрано ни одного правила, все сертификаты будут проигнорированы." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" @@ -3283,12 +3295,12 @@ msgstr "" "правила или правило по умолчанию" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "ca_db (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -3298,12 +3310,12 @@ msgstr "" "SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "Параметры настройки ответчика PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -3321,7 +3333,7 @@ msgstr "" "обрабатывается, выполняются некоторые из следующих операций:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -3338,7 +3350,7 @@ msgstr "" "можно переопределить с помощью параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -3347,17 +3359,17 @@ msgstr "" "добавлен в эти группы." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "Эти параметры можно использовать для настройки ответчика PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -3368,7 +3380,7 @@ msgstr "" "запуске." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" @@ -3377,13 +3389,13 @@ msgstr "" "root и пользователям службы SSSD)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "По умолчанию: 0 (доступ к ответчику PAC разрешён только пользователю root)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -3396,7 +3408,7 @@ msgstr "" "случай), необходимо явно добавить их в список разрешенных UID." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -3410,12 +3422,12 @@ msgstr "" "доступ." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (целое число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -3424,12 +3436,12 @@ msgstr "" "PAC можно использовать для определения участия пользователя в группах." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "pac_check (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -3447,12 +3459,12 @@ msgstr "" "пропущена." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "no_check" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." @@ -3461,12 +3473,12 @@ msgstr "" "проверки выполняться не будут." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "pac_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -3477,12 +3489,12 @@ msgstr "" "ошибкой." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "check_upn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." @@ -3491,12 +3503,12 @@ msgstr "" "пользователя (UPN) верна." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "check_upn_allow_missing" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -3516,7 +3528,7 @@ msgstr "" "устанавливать 'ldap_user_principal'." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3533,24 +3545,24 @@ msgstr "" "пропуску проверки и сообщение не появится в журнале." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "upn_dns_info_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" "PAC должен содержать буфер UPN-DNS-INFO, неявным образом устанавливает " "'check_upn'." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "check_upn_dns_info_ex" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." @@ -3559,12 +3571,12 @@ msgstr "" "согласованы ли данные в расширении." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "upn_dns_info_ex_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." @@ -3573,7 +3585,7 @@ msgstr "" "устанавливает 'check_upn_dns_info_ex', 'upn_dns_info_present' и 'check_upn'." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -3582,7 +3594,7 @@ msgstr "" "запятыми списка: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" @@ -3591,12 +3603,12 @@ msgstr "" "check_upn_allow_missing, check_upn_dns_info_ex')" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "Параметры настройки записи сеансов" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3612,32 +3624,32 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "Эти параметры можно использовать для настройки записи сеансов." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "«none»" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Пользователи не записываются." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "«some»" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -3646,17 +3658,17 @@ msgstr "" "<replaceable>users</replaceable> и <replaceable>groups</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "«all»" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Записываются все пользователи." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -3665,17 +3677,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "По умолчанию: «none»" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3687,17 +3699,17 @@ msgstr "" "так далее." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "По умолчанию: пусто. Не соответствует ни одному пользователю." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3708,7 +3720,7 @@ msgstr "" "NSS, то есть после возможной замены пробелов, смены регистра и так далее." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3721,17 +3733,17 @@ msgstr "" "установление соответствия групп, участником которых он является." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "По умолчанию: пусто. Не соответствует ни одной группе." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "exclude_users (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." @@ -3740,17 +3752,17 @@ msgstr "" "применимо только при «scope=all»." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "По умолчанию: пусто. Не исключается ни один пользователь." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "exclude_groups (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." @@ -3759,23 +3771,23 @@ msgstr "" "применимо только при «scope=all»." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "По умолчанию: пусто. Не исключается ни одна группа." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "РАЗДЕЛЫ ДОМЕНА" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "enabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3790,12 +3802,12 @@ msgstr "" "параметра domains в разделе <quote>[sssd]</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "domain_type (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3808,7 +3820,7 @@ msgstr "" "операционной системы доступны только объекты из доменов POSIX." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -3817,7 +3829,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3829,7 +3841,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) и ответчика PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -3838,7 +3850,7 @@ msgstr "" "с <quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -3847,17 +3859,17 @@ msgstr "" "<quote>Домены приложений</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "По умолчанию: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3866,7 +3878,7 @@ msgstr "" "находящуюся вне указанного диапазона, она будет проигнорирована." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3880,7 +3892,7 @@ msgstr "" "группы, будут выведены в обычном режиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3889,17 +3901,17 @@ msgstr "" "кэш, а не только на их возврат по имени или идентификатору." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "По умолчанию: 1 для min_id, 0 (без ограничений) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3912,22 +3924,22 @@ msgstr "" "вторичных групп. Этот параметр может иметь одно из следующих значений:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = пользователи и группы перечисляются" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = для этого домена не выполняется перечисление" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "По умолчанию: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3936,7 +3948,7 @@ msgstr "" "сохранить ВСЕ записи пользователей и групп с удалённого сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." @@ -3945,7 +3957,7 @@ msgstr "" "id_provider = proxy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3969,7 +3981,7 @@ msgstr "" "перезапущен внутренним сторожевым таймером." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3978,7 +3990,7 @@ msgstr "" "или групп могут не вернуть результатов до момента завершения перечисления." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3992,7 +4004,7 @@ msgstr "" "идентификаторов (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -4001,7 +4013,7 @@ msgstr "" "средах большого размера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -4013,32 +4025,32 @@ msgstr "" "этой конфигурации." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "Выполнить перечисление для всех обнаруженных доверенных доменов" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "Не выполнять перечисление для обнаруженных доверенных доменов" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -4052,12 +4064,12 @@ msgstr "" "только для них." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -4066,7 +4078,7 @@ msgstr "" "действительными, прежде чем снова обратиться к внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -4083,17 +4095,17 @@ msgstr "" "уже были кэшированы." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "По умолчанию: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -4103,19 +4115,19 @@ msgstr "" "серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "По умолчанию: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -4124,12 +4136,12 @@ msgstr "" "действительными, прежде чем снова обратиться к внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -4138,12 +4150,12 @@ msgstr "" "групп действительными, прежде чем снова обратиться к внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -4152,12 +4164,12 @@ msgstr "" "действительными, прежде чем снова обратиться к внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "entry_cache_resolver_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" @@ -4166,12 +4178,12 @@ msgstr "" "сетей действительными, прежде чем снова обратиться к внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -4180,12 +4192,12 @@ msgstr "" "действительными, прежде чем снова обратиться к внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -4195,12 +4207,12 @@ msgstr "" "внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -4210,12 +4222,12 @@ msgstr "" "узла в кэше." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "entry_cache_computer_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" @@ -4224,12 +4236,12 @@ msgstr "" "компьютера, прежде чем снова обратиться к внутреннему серверу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -4238,7 +4250,7 @@ msgstr "" "обновления всех устаревших или почти устаревших записей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -4252,18 +4264,18 @@ msgstr "" "пользователя в группах, обычно выполняется при запуске)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "Этот параметр автоматически наследуется для всех доверенных доменов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Рекомендуется установить это значение равным 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -4284,18 +4296,18 @@ msgstr "" "существующего кэша." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "По умолчанию: 0 (отключено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -4312,7 +4324,7 @@ msgstr "" "аутентификация записывается в кэш без дополнительной настройки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -4326,12 +4338,12 @@ msgstr "" "пароль с помощью атаки грубой силы." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -4343,7 +4355,7 @@ msgstr "" "сохранён в формате контрольной суммы SHA512 в кэше." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -4353,12 +4365,12 @@ msgstr "" "мишенью для атак методом подбора." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -4371,17 +4383,17 @@ msgstr "" "быть больше или равно значению offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "По умолчанию: 0 (без ограничений)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -4394,17 +4406,17 @@ msgstr "" "настроить поставщика данных проверки подлинности." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "По умолчанию: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -4412,12 +4424,12 @@ msgstr "" "Поддерживаемые поставщики ID:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "<quote>proxy</quote>: поддержка устаревшего поставщика NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4429,7 +4441,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4440,8 +4452,8 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4453,8 +4465,8 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4465,12 +4477,12 @@ msgstr "" "ad</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -4479,7 +4491,7 @@ msgstr "" "домена) в качестве имени для входа пользователя, которое сообщается NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -4493,7 +4505,7 @@ msgstr "" "passwd test@LOCAL</command> получится это сделать." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -4504,7 +4516,7 @@ msgstr "" "групп выполняется поиск во всех доменах, когда запрашивается неполное имя." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" @@ -4513,17 +4525,17 @@ msgstr "" "использования default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "Не возвращать участников групп для поиска групп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -4542,7 +4554,7 @@ msgstr "" "запрошенную группу так, как будто она пуста." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -4553,11 +4565,11 @@ msgstr "" "количество участников)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." @@ -4566,12 +4578,12 @@ msgstr "" "унаследован с помощью <emphasis>subdomain_inherit</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -4580,7 +4592,7 @@ msgstr "" "Поддерживаемые поставщики данных для проверки подлинности:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4591,7 +4603,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4603,7 +4615,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -4611,12 +4623,12 @@ msgstr "" "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — явно отключить проверку подлинности." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -4625,12 +4637,12 @@ msgstr "" "задан и поддерживает обработку запросов проверки подлинности." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -4641,7 +4653,7 @@ msgstr "" "включены в установленные внутренние серверы). Внутренние особые поставщики:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -4650,12 +4662,12 @@ msgstr "" "разрешённого доступа для локального домена." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — всегда отказывать в доступе." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4668,7 +4680,7 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4679,23 +4691,23 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> — передать управление доступом другому модулю PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "По умолчанию: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4704,7 +4716,7 @@ msgstr "" "домена. Поддерживаемые поставщики данных смены пароля:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4715,7 +4727,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4726,19 +4738,19 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" "<quote>proxy</quote> — передать смену пароля какой-либо другой цели PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно запретить смену пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4747,19 +4759,19 @@ msgstr "" "задан и поддерживает обработку запросов смены пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Поставщик данных SUDO, который используется для домена. Поддерживаемые " "поставщики данных SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4770,7 +4782,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -4779,7 +4791,7 @@ msgstr "" "параметрами IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -4788,20 +4800,20 @@ msgstr "" "параметрами AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> — явно отключить SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "По умолчанию: использовать значение <quote>id_provider</quote>, если этот " "параметр задан." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4819,7 +4831,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4833,12 +4845,12 @@ msgstr "" "планируется использовать sudo." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4849,7 +4861,7 @@ msgstr "" "работы поставщика доступа. Поддерживаемые поставщики данных SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4860,12 +4872,12 @@ msgstr "" "ipa</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "<quote>none</quote> — явно отключает получение параметров SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -4874,12 +4886,12 @@ msgstr "" "задан и поддерживает обработку запросов загрузки параметров SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -4889,7 +4901,7 @@ msgstr "" "Поддерживаемые поставщики данных поддоменов:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4900,7 +4912,7 @@ msgstr "" "ipa</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4913,17 +4925,17 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> — явно отключает получение данных поддоменов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "session_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4935,14 +4947,14 @@ msgstr "" "Commander (работает только c IPA). Поддерживаемые поставщики данных сеансов:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote> — разрешить выполнение заданий, связанных с сеансами " "пользователей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -4950,7 +4962,7 @@ msgstr "" "пользователей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -4959,12 +4971,12 @@ msgstr "" "задан и поддерживает выполнение заданий, связанных с сеансами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4972,7 +4984,7 @@ msgstr "" "поставщики данных autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4983,7 +4995,7 @@ msgstr "" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4994,7 +5006,7 @@ msgstr "" "ipa</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5006,17 +5018,17 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> — явно отключить autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -5025,7 +5037,7 @@ msgstr "" "узла. Поддерживаемые поставщики hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -5037,17 +5049,17 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> — явно отключить hostid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "resolver_provider (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" @@ -5056,7 +5068,7 @@ msgstr "" "Поддерживаемые поставщики данных сопоставления:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" @@ -5065,7 +5077,7 @@ msgstr "" "NSS. См. <quote>proxy_resolver_lib_name</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -5077,7 +5089,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -5090,12 +5102,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "<quote>none</quote> — явно отключает получение записей узлов и сетей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -5110,7 +5122,7 @@ msgstr "" "домена." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" @@ -5120,17 +5132,17 @@ msgstr "" "пользователей:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "username@domain.name" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -5143,12 +5155,12 @@ msgstr "" "назначать три разных стиля записи имён пользователей:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "domain\\username" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -5157,7 +5169,7 @@ msgstr "" "обеспечения простой интеграции пользователей из доменов Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -5173,17 +5185,17 @@ msgstr "" "создать собственное re_expression." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "По умолчанию: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -5192,46 +5204,46 @@ msgstr "" "следует использовать при выполнении запросов DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "Поддерживаемые значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: попытаться найти адрес IPv4, в случае неудачи попытаться найти " "адрес IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: пытаться разрешать имена узлов только в адреса IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: попытаться найти адрес IPv6, в случае неудачи попытаться найти " "адрес IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: пытаться разрешать имена узлов только в адреса IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "По умолчанию: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_server_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." @@ -5241,7 +5253,7 @@ msgstr "" "следующему." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" @@ -5249,7 +5261,7 @@ msgstr "" "времени проверки связи CLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -5258,17 +5270,17 @@ msgstr "" "<quote>ОБРАБОТКА ОТКАЗА</quote>." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "По умолчанию: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_op_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -5280,17 +5292,17 @@ msgstr "" "следующего DNS." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "По умолчанию: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -5303,12 +5315,12 @@ msgstr "" "работу в автономном режиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_use_search_list (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -5319,7 +5331,7 @@ msgstr "" "средах с неправильно настроенным DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -5330,17 +5342,17 @@ msgstr "" "запросы DNS в таких средах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "По умолчанию: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -5349,17 +5361,17 @@ msgstr "" "доменную часть запроса обнаружения служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "По умолчанию: использовать доменную часть имени узла компьютера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "failover_primary_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -5370,59 +5382,59 @@ msgstr "" "повторного подключения к основному серверу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "Примечание: минимальное значение — 31." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 msgid "Default: 31" msgstr "По умолчанию: 31" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "Переопределить значение основного GID указанным значением." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "case_sensitive (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "С учётом регистра. Это значение не является корректным для поставщика данных " "AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "Без учёта регистра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -5434,7 +5446,7 @@ msgstr "" "регистр в выведенных данных." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." @@ -5444,7 +5456,7 @@ msgstr "" "на сервере." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -5453,17 +5465,17 @@ msgstr "" "значения: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "По умолчанию: True (False для поставщика данных AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -5475,47 +5487,47 @@ msgstr "" "параметров:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "ldap_search_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "ldap_network_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "ldap_offline_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -5524,57 +5536,57 @@ msgstr "" "ldap_krb5_keytab не задан явно)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "auto_private_groups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "case_sensitive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -5584,28 +5596,28 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Примечание: этот параметр работает только для поставщиков данных IPA и AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "плоское (NetBIOS) имя поддомена." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -5621,7 +5633,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -5629,29 +5641,29 @@ msgstr "" "<emphasis>override_homedir</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "По умолчанию: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" "Различные метки, сохранённые службой настройки realmd для этого домена." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -5665,7 +5677,7 @@ msgstr "" "сетевом режиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." @@ -5675,12 +5687,12 @@ msgstr "" "значения." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "Специальное значение «0» подразумевает, что эта возможность отключена." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -5691,12 +5703,12 @@ msgstr "" "обработки <quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "local_auth_policy (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -5716,7 +5728,7 @@ msgstr "" "и проверяются локально." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -5736,7 +5748,7 @@ msgstr "" "разделены запятыми, например, <quote>enable:passkey, enable:smartcard</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -5748,42 +5760,42 @@ msgstr "" "local_auth_policy: <quote>match</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "local_auth_policy = match (по умолчанию)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "Ключ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "Смарт-карта" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "выключено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5796,7 +5808,7 @@ msgstr "" "е., например, вместо запроса пароля будет предложено ввести PIN-код." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5812,7 +5824,7 @@ msgstr "" "local_auth_policy = only\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -5824,7 +5836,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." @@ -5834,22 +5846,22 @@ msgstr "" "помощью смарт-карты." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 msgid "Default: match" msgstr "По умолчанию: match" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "auto_private_groups (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." @@ -5858,7 +5870,7 @@ msgstr "" "UID пользователя. Номер GID в этом случае игнорируется." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5872,12 +5884,12 @@ msgstr "" "пространстве идентификаторов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "false" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." @@ -5886,12 +5898,12 @@ msgstr "" "ссылаться на объект группы в базе данных LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "hybrid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5906,7 +5918,7 @@ msgstr "" "основной GID этого пользователя разрешается в этот объект группы." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." @@ -5915,7 +5927,7 @@ msgstr "" "группы; в ином случае GID просто будет невозможно разрешить." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5926,7 +5938,7 @@ msgstr "" "сохранить существующие закрытые группы пользователей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -5935,7 +5947,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." @@ -5945,7 +5957,7 @@ msgstr "" "поддоменов, которые используют автоматическое сопоставление идентификаторов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5955,7 +5967,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5967,7 +5979,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5981,7 +5993,7 @@ msgstr "" "type=\"programlisting\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -5992,17 +6004,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "Цель, которой пересылает данные прокси PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -6014,12 +6026,12 @@ msgstr "" "local_auth_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -6030,12 +6042,12 @@ msgstr "" "_nss_$(libName)_$(function), например: _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "proxy_resolver_lib_name (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -6046,12 +6058,12 @@ msgstr "" "вид _nss_$(libName)_$(function), например: _nss_dns_gethostbyname2_r." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -6065,12 +6077,12 @@ msgstr "" "идентификатора в кэше в целях ускорения предоставления результатов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -6082,7 +6094,7 @@ msgstr "" "постановки запросов в очередь." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -6091,12 +6103,12 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "Домены приложений" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -6125,7 +6137,7 @@ msgstr "" "традиционного домена SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -6136,17 +6148,17 @@ msgstr "" "порядок поиска для домена приложений и его родственного домена POSIX." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "Параметры доменов приложений" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "inherit_from (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -6159,7 +6171,7 @@ msgstr "" "<quote>родственного</quote> домена." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -6174,7 +6186,7 @@ msgstr "" "атрибут phone доступным через интерфейс D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -6208,12 +6220,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "РАЗДЕЛ ДОВЕРЕННЫХ ДОМЕНОВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -6231,57 +6243,57 @@ msgstr "" "поддерживаются следующие параметры:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "ldap_sasl_mech," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -6290,12 +6302,12 @@ msgstr "" "справочной странице." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "РАЗДЕЛ СОПОСТАВЛЕНИЯ СЕРТИФИКАТОВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -6318,7 +6330,7 @@ msgstr "" "проверки подлинности." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -6329,7 +6341,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -6342,12 +6354,12 @@ msgstr "" "replaceable>]</quote>. В этом разделе допустимы следующие параметры:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "matchrule (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." @@ -6356,7 +6368,7 @@ msgstr "" "соответствуют этому правилу. Все остальные будут игнорироваться." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" @@ -6366,17 +6378,17 @@ msgstr "" "<quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "maprule (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "Определяет способ поиска пользователя для указанного сертификата." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." @@ -6386,21 +6398,20 @@ msgstr "" "quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" -"RULE_NAME для поставщика данных <quote>files</quote>, который пытается найти " -"пользователя с таким же именем." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "domains (строка)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -6413,17 +6424,17 @@ msgstr "" "параметра можно добавить правило также и в поддомены." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "По умолчанию: настроенный домен в sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "priority (целое число)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -6434,12 +6445,12 @@ msgstr "" "приоритет, а <quote>4294967295</quote> — самый низкий." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "По умолчанию: самый низкий приоритет" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" @@ -6449,7 +6460,7 @@ msgstr "" "свойства:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" @@ -6458,7 +6469,7 @@ msgstr "" "RULE_NAME" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -6471,17 +6482,17 @@ msgstr "" "<quote>({subject_rfc822_name.short_name})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "параметр <quote>domains</quote> игнорируется" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "РАЗДЕЛ НАСТРОЙКИ ЗАПРОСОВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -6496,7 +6507,7 @@ msgstr "" "запросит у пользователя соответствующие учётные данные." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -6509,22 +6520,22 @@ msgstr "" "Следующие параметры обеспечивают более гибкую настройку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "password_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "изменить строку запроса пароля" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -6533,37 +6544,37 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "[prompting/2fa]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "изменить строку запроса первого фактора" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "second_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "изменить строку запроса второго фактора" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "single_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -6576,7 +6587,7 @@ msgstr "" "фактора, даже если второй фактор является необязательным." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -6589,7 +6600,7 @@ msgstr "" "пароль, либо оба фактора, следует использовать двухэтапный запрос." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -6600,17 +6611,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "[prompting/passkey]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -6621,22 +6632,22 @@ msgstr "" "тактильного переключателя." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "interactive_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "изменить сообщение интерактивного запроса." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "touch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." @@ -6645,17 +6656,17 @@ msgstr "" "пользователю о необходимости коснуться устройства." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "touch_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "изменить сообщение запроса касания." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -6664,7 +6675,7 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -6678,7 +6689,7 @@ msgstr "" "type=\"variablelist\" id=\"2\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -6689,12 +6700,12 @@ msgstr "" "конкретно для этой службы." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "ПРИМЕРЫ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -6746,7 +6757,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -6758,7 +6769,7 @@ msgstr "" "документации. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -6768,7 +6779,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -6785,7 +6796,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -6801,7 +6812,7 @@ msgstr "" "priority = 10\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -7139,8 +7150,17 @@ msgstr "exop — расширенное действие по изменению msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "ldap_modify — прямое изменение userPassword (не рекомендуется)." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -7153,54 +7173,54 @@ msgstr "" "пользователя должны быть права на запись в атрибут userPassword." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "По умолчанию: exop" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Стандартное DN привязки, которое следует использовать для выполнения " "действий LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "Тип маркера проверки подлинности для bind DN по умолчанию." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "В настоящее время поддерживаются два механизма:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "По умолчанию: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." @@ -7210,22 +7230,22 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "Маркер проверки подлинности стандартного DN привязки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -7238,12 +7258,12 @@ msgstr "" "следует использовать название области в верхнем регистре." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -7252,12 +7272,12 @@ msgstr "" "перечисленных записей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -7268,7 +7288,7 @@ msgstr "" "выполняли вход) и удалять эти записи для экономии места." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -7282,12 +7302,12 @@ msgstr "" "включено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -7299,7 +7319,7 @@ msgstr "" "SSSD. Если используется схема RFC2307, этот параметр ни на что не влияет." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -7316,7 +7336,7 @@ msgstr "" "исходного поиска, когда он будет выполнен повторно." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -7332,12 +7352,12 @@ msgstr "" "для ограничения вложенности групп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "По умолчанию: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -7347,25 +7367,25 @@ msgstr "" "выше." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "По умолчанию: True для AD и IPA, в ином случае — False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Необязательный параметр. Использовать указанную строку как базу поиска " "объектов узлов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -7374,32 +7394,32 @@ msgstr "" "<quote>ldap_search_base</quote>." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "По умолчанию: значение <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "ldap_iphost_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "ldap_ipnetwork_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -7410,7 +7430,7 @@ msgstr "" "результаты (и выполнен переход в автономный режим)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -7420,12 +7440,12 @@ msgstr "" "его заменит ряд тайм-аутов для отдельных типов поиска." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -7437,12 +7457,12 @@ msgstr "" "автономный режим)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -7459,12 +7479,12 @@ msgstr "" "<manvolnum>2</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -7478,12 +7498,12 @@ msgstr "" "расширенного действия по смене пароля и действия StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -7497,7 +7517,7 @@ msgstr "" "значений (значение этого параметра или значение времени жизни TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -7515,7 +7535,7 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout <= ldap_opt_timout</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" @@ -7524,17 +7544,17 @@ msgstr "" "параметра <emphasis>ldap_connection_expire_offset</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "По умолчанию: 900 (15 минут)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "ldap_connection_expire_offset (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." @@ -7543,12 +7563,12 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_idle_timeout (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -7559,17 +7579,17 @@ msgstr "" "бездействует дольше этого времени, соединение будет закрыто." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "Можно отключить этот тайм-аут, установив значение «0»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -7579,12 +7599,12 @@ msgstr "" "количества на один запрос." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -7596,7 +7616,7 @@ msgstr "" "работает надлежащим образом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -7606,7 +7626,7 @@ msgstr "" "RootDSE, но не смогут использовать его." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -7618,17 +7638,17 @@ msgstr "" "привести к отказам в выполнении некоторых из них." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "Отключить получение диапазонов Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -7644,12 +7664,12 @@ msgstr "" "большие группы будут показаны как группы без участников." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -7660,19 +7680,19 @@ msgstr "" "Значение этого параметра определяется OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "По умолчанию: использовать стандартное системное значение (обычно " "указывается в ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "ldap_sasl_maxssf (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -7683,12 +7703,12 @@ msgstr "" "Значение этого параметра определяется OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -7700,7 +7720,7 @@ msgstr "" "для каждого из них по отдельности." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -7717,7 +7737,7 @@ msgstr "" "поддерживает его и объявляет управление разыменованием в объекте rootDSE." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -7730,7 +7750,7 @@ msgstr "" "OpenLDAP и Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -7741,12 +7761,12 @@ msgstr "" "независимо от значения этого параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "ldap_ignore_unreadable_references (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -7758,7 +7778,7 @@ msgstr "" "игнорирования нечитаемой записи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -7770,12 +7790,12 @@ msgstr "" "безопасности." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -7784,7 +7804,7 @@ msgstr "" "в сеансе TLS, если это требуется. Можно указать одно из следующих значений:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -7793,7 +7813,7 @@ msgstr "" "сертификаты сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7805,7 +7825,7 @@ msgstr "" "продолжится в обычном режиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7816,7 +7836,7 @@ msgstr "" "предоставлен ошибочный сертификат, сеанс немедленно будет завершён." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -7827,22 +7847,22 @@ msgstr "" "немедленно будет завершён." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = аналогично <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "По умолчанию: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -7851,7 +7871,7 @@ msgstr "" "сертификации, которые распознаются <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -7860,12 +7880,12 @@ msgstr "" "хранятся в <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -7886,32 +7906,32 @@ msgstr "" "использовать команду <command>cacertdir_rehash</command>, если она доступна." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Позволяет указать файл, который содержит сертификат для ключа клиента." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "Позволяет указать файл, который содержит ключ клиента." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7923,12 +7943,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -7940,12 +7960,12 @@ msgstr "" "<emphasis>true</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7957,19 +7977,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "В настоящее время эта функциональная возможность поддерживает только " "сопоставление objectSID Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7989,17 +8009,17 @@ msgstr "" "другие диапазоны для сопоставления идентификаторов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "По умолчанию: не задано (оба параметра установлены в значение 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." @@ -8008,7 +8028,7 @@ msgstr "" "время протестированы и поддерживаются только GSSAPI и GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -8026,12 +8046,12 @@ msgstr "" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -8051,7 +8071,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -8071,17 +8091,17 @@ msgstr "" "найдены, возвращается первый участник из таблицы ключей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "По умолчанию: host/hostname@REALM" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -8092,17 +8112,17 @@ msgstr "" "ldap_sasl_authid также содержит область, этот параметр игнорируется." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "По умолчанию: значение krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -8112,36 +8132,36 @@ msgstr "" "привязки SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "По умолчанию: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" "Позволяет указать таблицу ключей, которую следует использовать при " "использовании проверки подлинности с помощью SASL/GSSAPI/GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "По умолчанию: системная таблица ключей, обычно <filename>/etc/krb5.keytab</" "filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -8152,12 +8172,12 @@ msgstr "" "используется SASL и выбран механизм GSSAPI или GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" @@ -8165,17 +8185,17 @@ msgstr "" "GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "По умолчанию: 86400 (24 часа)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -8194,7 +8214,7 @@ msgstr "" "сведения доступны в разделе <quote>ОБНАРУЖЕНИЕ СЛУЖБ</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -8206,7 +8226,7 @@ msgstr "" "в которых в качестве протокола указан _tcp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -8217,31 +8237,31 @@ msgstr "" "перейти на использование <quote>krb5_server</quote> в файлах конфигурации." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" "Позволяет указать область Kerberos (для проверки подлинности с помощью SASL/" "GSSAPI/GSS-SPNEGO)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "По умолчанию: стандартные параметры системы, см. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -8251,12 +8271,12 @@ msgstr "" ">= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -8271,7 +8291,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -8282,12 +8302,12 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -8296,7 +8316,7 @@ msgstr "" "клиента. Допускаются следующие значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -8305,7 +8325,7 @@ msgstr "" "параметра нельзя отключить политики паролей на стороне сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -8318,7 +8338,7 @@ msgstr "" "пароля. См. также опцию «ldap_chpass_update_last_change»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -8330,7 +8350,7 @@ msgstr "" "chpass_provider=krb5." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -8340,18 +8360,18 @@ msgstr "" "этого параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Позволяет указать, следует ли включить автоматическое прослеживание ссылок." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -8360,7 +8380,7 @@ msgstr "" "случае, если сервис собран с OpenLDAP версии 2.4.13 или выше." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -8382,29 +8402,29 @@ msgstr "" "домена AD, это не позволило бы получить дополнительные данные." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Позволяет указать имя службы, которое будет использоваться, когда включено " "обнаружение служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "По умолчанию: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -8413,17 +8433,17 @@ msgstr "" "менять пароль, когда включено обнаружение служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "По умолчанию: не задано, то есть обнаружение служб отключено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -8432,7 +8452,7 @@ msgstr "" "данными о количестве дней с момента выполнения действия по смены пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -8445,12 +8465,12 @@ msgstr "" "SSSD должен обновить его." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -8479,12 +8499,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Пример:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -8496,7 +8516,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -8505,7 +8525,7 @@ msgstr "" "атрибут employeeType которых установлен в значение «admin»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -8520,17 +8540,17 @@ msgstr "" "в автономном режиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "По умолчанию: пусто" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -8539,7 +8559,7 @@ msgstr "" "доступом на стороне клиента." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -8550,12 +8570,12 @@ msgstr "" "соответствующим кодом ошибки, даже если пароль верен." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "Допускаются следующие значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -8564,7 +8584,7 @@ msgstr "" "для определения того, не истёк ли срок действия учётной записи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -8577,7 +8597,7 @@ msgstr "" "не истёк ли срок действия учётной записи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -8588,7 +8608,7 @@ msgstr "" "разрешён ли доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -8601,7 +8621,7 @@ msgstr "" "Если все атрибуты отсутствуют, доступ предоставляется." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -8612,24 +8632,24 @@ msgstr "" "использовать параметр ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Разделённый запятыми список параметров управления доступом. Допустимые " "значения:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: использовать ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8645,7 +8665,7 @@ msgstr "" "«access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -8655,7 +8675,7 @@ msgstr "" "следующей версии. </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8678,12 +8698,12 @@ msgstr "" "возможности необходимо задать «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: использовать ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -8697,7 +8717,7 @@ msgstr "" "и для проверки подлинности используются не пароли, а, например, ключи SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" @@ -8706,18 +8726,18 @@ msgstr "" "предпринимаются, если срок действия пароля пользователя истёк:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "pwd_expire_policy_reject — пользователю отказано во входе в систему," #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" "pwd_expire_policy_warn — пользователь по-прежнему может войти в систему," #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." @@ -8726,7 +8746,7 @@ msgstr "" "свой пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 #, fuzzy #| msgid "" #| "Please note that 'access_provider = ldap' must be set for this feature to " @@ -8742,7 +8762,7 @@ msgstr "" "паролей в качестве значения параметра «ldap_pwd_policy»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -8751,14 +8771,14 @@ msgstr "" "authorizedService для определения возможности доступа" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: использовать атрибут host для определения " "возможности доступа" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -8767,7 +8787,7 @@ msgstr "" "возможности доступа удалённого узла" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -8777,12 +8797,12 @@ msgstr "" "прежде чем включать этот параметр управления доступом" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "По умолчанию: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -8791,12 +8811,12 @@ msgstr "" "ошибкой конфигурации." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -8809,22 +8829,22 @@ msgstr "" "невозможности надлежащим образом проверить атрибуты ppolicy на сервере LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Пример: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "По умолчанию: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -8833,12 +8853,12 @@ msgstr "" "выполнении поиска. Допустимые варианты:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: разыменование псевдонимов не выполняется." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -8848,7 +8868,7 @@ msgstr "" "объекта поиска." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -8857,7 +8877,7 @@ msgstr "" "при определении расположения базового объекта поиска." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -8866,7 +8886,7 @@ msgstr "" "поиске, так и при определении расположения базового объекта поиска." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -8875,12 +8895,12 @@ msgstr "" "клиентскими библиотеками LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -8889,7 +8909,7 @@ msgstr "" "серверов, которые используют схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -8906,7 +8926,7 @@ msgstr "" "информацию о пользователе через вызовы getpw*() или initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -8918,12 +8938,12 @@ msgstr "" "группами LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -8932,24 +8952,24 @@ msgstr "" "поиска с использованием подстановочных знаков." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "В настоящее время только ответчик InfoPipe поддерживает поиск с " "использованием подстановочных знаков." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "По умолчанию: 1000 (часто размер одной страницы)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "ldap_library_debug_level (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." @@ -8958,7 +8978,7 @@ msgstr "" "записываются независимо от общего debug_level." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." @@ -8967,17 +8987,17 @@ msgstr "" "компонентов, -1 включает полный отладочный вывод." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "По умолчанию: 0 (отладка libldap отключена)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_use_ppolicy (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -8988,14 +9008,14 @@ msgstr "" "службами, отправляющими обратно недопустимое расширение ppolicy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -9026,12 +9046,12 @@ msgstr "" "</citerefentry>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРЫ SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -9042,12 +9062,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -9056,7 +9076,7 @@ msgstr "" "загружаются все правила, которые хранятся на сервере)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -9065,7 +9085,7 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." @@ -9074,17 +9094,17 @@ msgstr "" "Но должно быть включено либо интеллектуальное, либо полное обновление." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "По умолчанию: 21600 (6 часов)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -9096,7 +9116,7 @@ msgstr "" "в настоящее время известно SSSD)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -9105,7 +9125,7 @@ msgstr "" "modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -9121,7 +9141,7 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout</emphasis>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." @@ -9131,12 +9151,12 @@ msgstr "" "обновление." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_sudo_random_offset (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -9147,7 +9167,7 @@ msgstr "" "периодического задания. Значение указывается в секундах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -9158,17 +9178,17 @@ msgstr "" "время, в течение которого правила sudo недоступны для использования." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "Можно отключить эту задержку, установив значение «0»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -9178,12 +9198,12 @@ msgstr "" "адресов узлов/сетей в формате IPv4 или IPv6)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -9192,7 +9212,7 @@ msgstr "" "следует использовать для фильтрации правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -9201,8 +9221,8 @@ msgstr "" "обнаружить имя узла и полное доменное имя." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -9211,17 +9231,17 @@ msgstr "" "<emphasis>false</emphasis>, этот параметр ни на что не влияет." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "По умолчанию: не указано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -9230,7 +9250,7 @@ msgstr "" "следует использовать для фильтрации правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -9239,12 +9259,12 @@ msgstr "" "обнаружить адреса." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -9253,12 +9273,12 @@ msgstr "" "правила, которые содержат сетевую группу в атрибуте sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -9267,7 +9287,7 @@ msgstr "" "правила, которые содержат подстановочный знак в атрибуте sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" @@ -9276,7 +9296,7 @@ msgstr "" "операция на стороне сервера LDAP!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -9289,12 +9309,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРЫ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -9303,47 +9323,47 @@ msgstr "" "схемы LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "Имя основной карты автоматического монтирования в LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "По умолчанию: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "ДОПОЛНИТЕЛЬНЫЕ ПАРАМЕТРЫ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -9356,22 +9376,22 @@ msgstr "" "эту возможность, если имена групп отображаются некорректно." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -9384,14 +9404,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "ПРИМЕР" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -9402,7 +9422,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9422,20 +9442,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "ПРИМЕР ФИЛЬТРА ДОСТУПА LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -9444,7 +9464,7 @@ msgstr "" "используется ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9470,13 +9490,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "ПРИМЕЧАНИЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -12307,7 +12327,7 @@ msgstr "" "домене IPA. Имя узла должно быть полным." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (логическое значение)" @@ -12327,7 +12347,7 @@ msgstr "" "<quote>dyndns_iface</quote> не указано иное." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -12349,12 +12369,12 @@ msgstr "" "конфигурации." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -12383,12 +12403,12 @@ msgid "Default: 1200 (seconds)" msgstr "По умолчанию: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -12423,17 +12443,17 @@ msgstr "" "подключения LDAP IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Пример: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "dyndns_auth (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -12444,17 +12464,17 @@ msgstr "" "отправлять, установив этот параметр в значение «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "По умолчанию: GSS-TSIG" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "dyndns_auth_ptr (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -12465,7 +12485,7 @@ msgstr "" "отправлять, установив этот параметр в значение «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "По умолчанию: то же, что и dyndns_auth" @@ -12501,7 +12521,7 @@ msgstr "" "использоваться в качестве резервных" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (целое число)" @@ -12519,12 +12539,12 @@ msgstr "" "«true»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -12544,7 +12564,7 @@ msgstr "" "автоматически при смене записей перенаправления." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -12559,12 +12579,12 @@ msgid "Default: False (disabled)" msgstr "По умолчанию: false (отключено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -12573,17 +12593,17 @@ msgstr "" "с сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "По умолчанию: false (разрешить nsupdate выбрать протокол)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "dyndns_server (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -12593,36 +12613,61 @@ msgstr "" "параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 +#, fuzzy +#| msgid "" +#| "Setting this option makes sense for environments where the DNS server is " +#| "different from the identity server." msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." msgstr "" "Установка этого параметра имеет смысл для сред, в которых сервер DNS " "отличается от сервера данных идентификации." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 +#, fuzzy +#| msgid "" +#| "Please note that this option will be only used in fallback attempt when " +#| "previous attempt using autodetected settings failed." msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" "Обратите внимание, что этот параметр используется только для резервной " "попытки, которая выполняется тогда, когда предыдущая попытка с " "использованием автоматически определённых параметров завершилась неудачей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "По умолчанию: none (разрешить nsupdate выбрать сервер)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "dyndns_update_per_family (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -12633,19 +12678,85 @@ msgstr "" "обновление IPv4 и IPv6 за один шаг." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (строка)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +#, fuzzy +#| msgid "Default: None (let nsupdate choose the server)" +msgid "Default: None (use global certificate store)" +msgstr "По умолчанию: none (разрешить nsupdate выбрать сервер)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (строка)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: - (GSSAPI authentication is disabled)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "По умолчанию: - (проверка подлинности с помощью GSSAPI отключена)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_auth (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_auth (строка)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "ipa_access_order (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" "<emphasis>expire</emphasis>: использовать политику истечения срока действия " "учетной записи IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." @@ -12654,12 +12765,12 @@ msgstr "" "«access_provider = ipa»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_deskprofile_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." @@ -12668,17 +12779,17 @@ msgstr "" "объектов, связанных с профилями рабочего стола." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "По умолчанию: использовать base DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subid_ranges_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." @@ -12687,98 +12798,98 @@ msgstr "" "объектов, связанных с подчиненными диапазонами объектов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "По умолчанию: значение <emphasis>cn=subids,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Необязательный параметр. Использовать указанную строку как базу поиска " "объектов, связанных с HBAC." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "Не рекомендуется. Используйте ldap_host_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Необязательный параметр. Использовать указанную строку как базу поиска карт " "пользователей SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Необязательный параметр. Использовать указанную строку как базу поиска " "доверенных доменов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "По умолчанию: значение <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Необязательный параметр. Использовать указанную строку как базу поиска " "объекта главного домена." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "По умолчанию: значение <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" "Необязательный параметр. Использовать указанную строку как базу поиска " "контейнеров просмотра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" "По умолчанию: значение <emphasis>cn=views,cn=accounts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -12787,7 +12898,7 @@ msgstr "" "значение <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -12796,12 +12907,12 @@ msgstr "" "DN, которое следует использовать для выполнения действий LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -12810,7 +12921,7 @@ msgstr "" "конфигурации Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -12819,19 +12930,19 @@ msgstr "" "значение «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" "По умолчанию: не задано (подкаталог krb5.include.d каталога pubconf SSSD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_deskprofile_refresh (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -12842,17 +12953,17 @@ msgstr "" "короткое время поступает много запросов на профили рабочего стола." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "По умолчанию: 5 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "ipa_deskprofile_request_interval (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." @@ -12861,17 +12972,17 @@ msgstr "" "сервере IPA, если при последнем запросе не было возвращено ни одного правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "По умолчанию: 60 (минут)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -12882,12 +12993,12 @@ msgstr "" "поступает много запросов на управление доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (целое число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -12898,12 +13009,12 @@ msgstr "" "поступает много запросов на вход пользователей." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (логическое значение)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." @@ -12912,7 +13023,7 @@ msgstr "" "server-install). Оно определяет, работает SSSD на сервере IPA или нет." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." @@ -12921,7 +13032,7 @@ msgstr "" "доменов напрямую, но на клиенте SSSD отправит запрос серверу IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." @@ -12930,7 +13041,7 @@ msgstr "" "сервере IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -12941,7 +13052,7 @@ msgstr "" "установщиком IPA, поэтому вносить изменения вручную не требуется." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." @@ -12951,54 +13062,54 @@ msgstr "" "доменов." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (строка)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" "Расположение автоматического монтирования, которое будет использовать этот " "клиент IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "По умолчанию: расположение с именем «default»" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "ПРЕДСТАВЛЕНИЯ И ПЕРЕОПРЕДЕЛЕНИЯ" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "ipa_view_class (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "Класс объектов контейнера просмотра." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "По умолчанию: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "ipa_view_name (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "Имя атрибута, в котором хранится имя представления." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -13006,27 +13117,27 @@ msgid "Default: cn" msgstr "По умолчанию: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "ipa_override_object_class (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "Объектный класс переопределяемых объектов." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "По умолчанию: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." @@ -13034,17 +13145,17 @@ msgstr "" "Имя атрибута, содержащего ссылку на исходный объект в удалённом домене." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "По умолчанию: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -13054,58 +13165,58 @@ msgstr "" "или группой." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" "Переопределения пользователя могут содержать атрибуты, указанные с помощью" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "По умолчанию: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (строка)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -13115,27 +13226,27 @@ msgstr "" "группой." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "Переопределения группы могут содержать атрибуты, указанные с помощью" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "По умолчанию: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -13150,12 +13261,12 @@ msgstr "" "их стандартные значения. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "ПОСТАВЩИК ДАННЫХ ПОДДОМЕНОВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -13164,7 +13275,7 @@ msgstr "" "неявным образом, его поведение будет немного отличаться." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -13175,7 +13286,7 @@ msgstr "" "все запросы поддоменов отправляются серверу IPA." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -13194,12 +13305,12 @@ msgstr "" "сеть, поставщик данных поддоменов включается снова." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "КОНФИГУРАЦИЯ ДОВЕРЕННЫХ ДОМЕНОВ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -13209,7 +13320,7 @@ msgstr "" "ad_server = dc.ad.domain.com\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -13224,7 +13335,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." @@ -13234,7 +13345,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." @@ -13244,12 +13355,12 @@ msgstr "" "или на клиенте IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "ПАРАМЕТРЫ, КОТОРЫЕ МОЖНО НАСТРОИТЬ НА ОСНОВНЫХ СЕРВЕРАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" @@ -13257,49 +13368,49 @@ msgstr "" "параметры:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "ПАРАМЕТРЫ, КОТОРЫЕ МОЖНО НАСТРОИТЬ НА КЛИЕНТАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" "В разделе поддомена на клиенте IPA можно настроить следующие параметры:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." @@ -13308,7 +13419,7 @@ msgstr "" "<quote>ad_server</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -13331,7 +13442,7 @@ msgstr "" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -13342,7 +13453,7 @@ msgstr "" "примере показаны только параметры, относящиеся к поставщику данных IPA." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -14881,6 +14992,13 @@ msgstr "ad_allow_remote_domain_local_groups (логическое значени #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +#, fuzzy +#| msgid "This option can also be set per-domain." +msgid "This option is deprecated." +msgstr "Этот параметр также можно задать для каждого домена отдельно." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -14898,7 +15016,7 @@ msgstr "" "клиенте Linux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -14923,7 +15041,7 @@ msgstr "" "отсутствуют удалённые группы, локальные в домене." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -14945,7 +15063,7 @@ msgstr "" "вложенности." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -14962,12 +15080,12 @@ msgstr "" "помощью параметра <quote>dyndns_iface</quote> не указано иное." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "По умолчанию: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -14976,7 +15094,7 @@ msgstr "" "подключения LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -14993,7 +15111,7 @@ msgstr "" "допустимое значение (60 секунд)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -15004,7 +15122,7 @@ msgstr "" "примере показаны только параметры, относящиеся к поставщику данных AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -15028,7 +15146,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -15040,7 +15158,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -15051,7 +15169,7 @@ msgstr "" "данных LDAP: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -15066,7 +15184,7 @@ msgstr "" "параметры подключения, такие как URI LDAP и параметры шифрования." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -21946,9 +22064,14 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 +#, fuzzy +#| msgid "" +#| "The SSSD ID-mapping algorithm takes a range of available UIDs and divides " +#| "it into equally-sized component sections - called \"slices\"-. Each slice " +#| "represents the space available to an Active Directory domain." msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" "Алгоритм сопоставления идентификаторов SSSD берёт диапазон доступных UID и " @@ -22143,11 +22266,18 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:185 +#, fuzzy +#| msgid "" +#| "For example, if your most recently-added Active Directory user has " +#| "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " +#| "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size " +#| "is equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 " +#| "+ 1)." msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" "Например, если у последнего добавленного пользователя Active Directory " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " @@ -23395,6 +23525,13 @@ msgstr "" "узла и участника-пользователя. Эта возможность доступна в MIT Kerberos 1.7 и " "выше." +#~ msgid "" +#~ "The RULE_NAME for the <quote>files</quote> provider which tries to find a " +#~ "user with the same name." +#~ msgstr "" +#~ "RULE_NAME для поставщика данных <quote>files</quote>, который пытается " +#~ "найти пользователя с таким же именем." + #~ msgid "reconnection_retries (integer)" #~ msgstr "reconnection_retries (целое число)" diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index c6efa998811..5da6f683ae1 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.10.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Language-Team: LANGUAGE <LL@li.org>\n" @@ -114,17 +114,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory " @@ -132,7 +132,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -141,7 +141,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -154,39 +154,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as " "<filename>sssd.conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -195,62 +195,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -260,15 +260,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -280,17 +280,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -298,33 +298,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -333,7 +333,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, " "sudo</phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -342,7 +342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -350,12 +350,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -366,19 +366,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -386,12 +386,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -400,70 +400,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -471,7 +471,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -479,52 +479,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at " "build-time. (__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -532,14 +532,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -549,17 +549,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -569,7 +576,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log " @@ -583,8 +590,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -592,12 +599,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -607,7 +614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -616,22 +623,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -639,12 +646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -652,61 +659,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -714,12 +721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -727,24 +734,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -753,12 +760,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired " @@ -767,7 +774,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -775,58 +782,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -837,7 +844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -855,18 +862,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -874,12 +881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -887,24 +894,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -912,7 +919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -920,7 +927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -931,12 +938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -945,22 +952,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -970,17 +977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -990,17 +997,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1011,14 +1018,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + " "random[0...offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1026,44 +1033,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1072,58 +1079,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 msgid "Default: 3600" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1135,59 +1142,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) " "service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1195,7 +1202,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1205,7 +1212,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1214,17 +1221,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1232,17 +1239,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1250,17 +1257,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1269,7 +1276,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1278,39 +1285,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1318,23 +1325,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1342,46 +1349,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in " "<quote>/etc/shells</quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in " "<quote>/etc/shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1389,56 +1396,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the " "machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during " "lookup. This option can be specified globally in the [nss] section or " @@ -1446,58 +1453,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd " @@ -1505,25 +1512,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1531,19 +1538,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1551,12 +1558,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1565,12 +1572,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1582,43 +1589,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), " @@ -1627,60 +1634,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1688,59 +1695,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1749,51 +1756,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1804,22 +1811,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1827,7 +1834,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -1837,17 +1844,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1855,7 +1862,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -1863,25 +1870,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting " "<emphasis>pwd_expiration_warning</emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1891,74 +1898,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1966,19 +1973,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1986,46 +1993,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2033,34 +2040,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2070,7 +2077,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2078,58 +2085,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2137,7 +2144,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2149,63 +2156,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2213,12 +2220,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2229,7 +2236,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2237,7 +2244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = " @@ -2246,7 +2253,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2255,46 +2262,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2303,31 +2310,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> " "(dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2335,7 +2342,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2343,22 +2350,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2366,19 +2373,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2386,7 +2393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2401,7 +2408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to " "<quote>-</quote> (dash). To disable the check for a specific PAM service, " @@ -2409,45 +2416,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2455,7 +2462,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2463,17 +2470,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> " @@ -2485,24 +2492,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2513,22 +2520,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2536,51 +2543,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2590,12 +2597,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2605,7 +2612,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2613,7 +2620,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2622,38 +2629,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2664,7 +2671,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2675,24 +2682,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2700,19 +2707,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2721,7 +2728,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2730,24 +2737,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2758,24 +2765,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2783,24 +2790,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2812,7 +2819,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2823,60 +2830,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> " @@ -2887,66 +2894,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording " "enabled. Matches user names as returned by NSS. I.e. after the possible " @@ -2954,17 +2961,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2972,7 +2979,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2981,57 +2988,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3041,12 +3048,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3055,14 +3062,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3071,38 +3078,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -3111,24 +3118,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3137,36 +3144,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3180,14 +3187,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3196,14 +3203,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3211,32 +3218,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3245,19 +3252,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3268,139 +3275,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3409,17 +3416,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3431,18 +3438,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3453,7 +3460,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3462,12 +3469,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3475,19 +3482,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3496,17 +3503,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3515,29 +3522,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> " "<refentrytitle>sssd-files</refentrytitle> <manvolnum>5</manvolnum> " @@ -3546,7 +3553,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3554,8 +3561,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3564,8 +3571,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -3573,19 +3580,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3594,7 +3601,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3602,24 +3609,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3631,7 +3638,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3639,30 +3646,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3670,7 +3677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -3678,29 +3685,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3708,19 +3715,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -3729,7 +3736,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> " @@ -3738,29 +3745,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -3769,7 +3776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -3777,34 +3784,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3812,32 +3819,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3848,7 +3855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3857,12 +3864,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3870,7 +3877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3879,31 +3886,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -3912,7 +3919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3921,17 +3928,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3939,34 +3946,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -3974,7 +3981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -3982,7 +3989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " @@ -3990,24 +3997,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -4016,31 +4023,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -4049,7 +4056,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4058,12 +4065,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4073,7 +4080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: " "<quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>[^@]+))$</quote> " @@ -4081,17 +4088,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: " "<quote>^(((?P<domain>[^\\\\]+)\\\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<name>[^@\\\\]+)))$</quote> " @@ -4099,19 +4106,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4121,88 +4128,88 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4210,17 +4217,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is " @@ -4229,12 +4236,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4242,7 +4249,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4250,34 +4257,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup " "server. This option defines the number of seconds SSSD waits before " @@ -4285,57 +4292,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 msgid "Default: 31" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4343,31 +4350,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4375,104 +4382,104 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4480,27 +4487,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4510,32 +4517,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4544,19 +4551,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4564,12 +4571,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4581,7 +4588,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, " "enable. <quote>match</quote> is used to match offline and online states for " @@ -4593,7 +4600,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4601,42 +4608,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4645,7 +4652,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4656,7 +4663,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4664,36 +4671,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 msgid "Default: match" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4702,24 +4709,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4729,14 +4736,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4744,21 +4751,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4766,7 +4773,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4775,7 +4782,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4784,7 +4791,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -4793,17 +4800,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4811,12 +4818,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4824,12 +4831,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4837,12 +4844,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4851,12 +4858,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4864,19 +4871,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> " "<refentrytitle>sssd-ifp</refentrytitle> <manvolnum>5</manvolnum> " @@ -4894,7 +4901,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4902,17 +4909,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4921,7 +4928,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4931,7 +4938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4951,12 +4958,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called " @@ -4967,69 +4974,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5043,7 +5050,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5051,7 +5058,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like " @@ -5060,55 +5067,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5117,17 +5125,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5135,26 +5143,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like " @@ -5163,17 +5171,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file " "(<filename>/var/lib/sss/pubconf/pam_preauth_available</filename>) exists " @@ -5183,7 +5191,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5192,59 +5200,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5253,7 +5261,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5262,7 +5270,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM " @@ -5273,17 +5281,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5291,46 +5299,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5339,7 +5347,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, " "e.g. <quote>[prompting/password/sshd]</quote> to individual change the " @@ -5347,12 +5355,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5381,7 +5389,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5390,7 +5398,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5398,7 +5406,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5409,7 +5417,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5420,7 +5428,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5691,8 +5699,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5701,74 +5718,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5777,24 +5794,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5802,7 +5819,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5811,12 +5828,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " @@ -5824,7 +5841,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5834,7 +5851,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5844,67 +5861,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5912,7 +5929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5920,12 +5937,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5933,12 +5950,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -5949,12 +5966,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5963,12 +5980,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5977,7 +5994,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -5988,36 +6005,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6025,29 +6042,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single " "request. Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6055,7 +6072,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use " @@ -6063,7 +6080,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6071,17 +6088,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6091,12 +6108,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6104,17 +6121,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6122,12 +6139,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6135,7 +6152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to " "0. Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6146,7 +6163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6155,7 +6172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6163,12 +6180,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6176,7 +6193,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6184,26 +6201,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6211,7 +6228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6219,7 +6236,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6227,41 +6244,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6271,32 +6288,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6304,12 +6321,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. " @@ -6317,12 +6334,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6330,17 +6347,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6351,24 +6368,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6379,12 +6396,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6397,7 +6414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6409,17 +6426,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6427,49 +6444,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6477,29 +6494,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is " "used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of " @@ -6511,7 +6528,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6519,7 +6536,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of " "SSSD. While the legacy name is recognized for the time being, users are " @@ -6528,39 +6545,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6570,7 +6587,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> " "<refentrytitle>sssd_krb5_locator_plugin</refentrytitle> " @@ -6579,26 +6596,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -6608,7 +6625,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6616,31 +6633,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6653,51 +6670,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6706,12 +6723,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6728,12 +6745,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6742,14 +6759,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6758,24 +6775,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6783,19 +6800,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6804,7 +6821,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, " "<emphasis>389ds</emphasis>: use the value of ldap_ns_account_lock to check " @@ -6812,7 +6829,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6821,7 +6838,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option " "<emphasis>must</emphasis> include <quote>expire</quote> in order for the " @@ -6829,22 +6846,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6854,7 +6871,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the " "<quote>ppolicy</quote> option and might be removed in a future release. " @@ -6862,7 +6879,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6875,12 +6892,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6890,31 +6907,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6922,26 +6939,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control " @@ -6949,24 +6966,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6975,74 +6992,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7053,7 +7070,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7061,58 +7078,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy " "controls. Disabling this allows interacting with services which send back " @@ -7120,12 +7137,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7148,12 +7165,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7161,43 +7178,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval " "</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7205,14 +7222,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7222,19 +7239,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7242,7 +7259,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7250,106 +7267,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is " "<emphasis>false</emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7358,59 +7375,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7419,22 +7436,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7443,14 +7460,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7458,7 +7475,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7471,27 +7488,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7507,13 +7524,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9758,7 +9775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9773,7 +9790,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9788,12 +9805,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9814,12 +9831,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9843,17 +9860,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9861,17 +9878,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9879,7 +9896,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9907,7 +9924,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9920,12 +9937,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9939,7 +9956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9951,60 +9968,78 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like " +"<emphasis>dns://servername/</emphasis> or " +"<emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man " +"nsupdate</emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10012,176 +10047,233 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and " +"<emphasis>dyndns_dot_key</emphasis> options must be both set to achieve " +"mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +msgid "dyndns_dot_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10189,34 +10281,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10224,12 +10316,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10237,33 +10329,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10271,59 +10363,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10331,128 +10423,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10462,19 +10554,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10482,7 +10574,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of " "sssd.conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10494,12 +10586,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10507,7 +10599,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10517,7 +10609,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " @@ -10525,71 +10617,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10604,7 +10696,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -10612,7 +10704,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11738,6 +11830,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11748,7 +11845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11763,7 +11860,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting " @@ -11776,7 +11873,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11787,19 +11884,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11809,7 +11906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -11817,7 +11914,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11832,7 +11929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11841,7 +11938,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11849,7 +11946,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11859,7 +11956,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17444,7 +17541,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17590,7 +17687,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/sv.po b/src/man/po/sv.po index fc288f200e5..bf4444e61ab 100644 --- a/src/man/po/sv.po +++ b/src/man/po/sv.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2024-09-02 11:38+0000\n" "Last-Translator: Göran Uddeborg <goeran@uddeborg.se>\n" "Language-Team: Swedish <https://translate.fedoraproject.org/projects/sssd/" @@ -130,21 +130,26 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 +#, fuzzy +#| msgid "" +#| "<filename>sssd.conf</filename> must be a regular file that is owned, " +#| "readable, and writeable by the same user as configured to run SSSD " +#| "service." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> måste vara en normal fil, som ägs av, är " "läsbar och skrivbar av samma användare som är konfigurerad att köra tjänsten " "SSSD." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "KONFIGURATIONSSNUTTAR FRÅN EN INCLUDE-KATALOG" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -154,7 +159,7 @@ msgstr "" "konfigurationssnuttar från include-katalogen <filename>conf.d</filename>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -167,7 +172,7 @@ msgstr "" "konfigurera SSSD." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -188,7 +193,7 @@ msgstr "" "prioritet)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." @@ -197,32 +202,32 @@ msgstr "" "filename>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "ALLMÄNNA FLAGGOR" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "Följande flaggor är användbara i mer än en konfigurationssektion." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "Flaggor användbara i alla sektioner" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "debug (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -235,12 +240,12 @@ msgstr "" "replaceable> användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." @@ -249,23 +254,23 @@ msgstr "" "aktiverat för SSSD-felsökningsloggning ignoreras denna flagga." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Standard: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." @@ -274,27 +279,27 @@ msgstr "" "journald är aktiverat för SSSD-felsökningsloggning ignoreras denna flagga." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Standard: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "debug_backtrace_enabled (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "Aktivera felsökningsspårning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -309,7 +314,7 @@ msgstr "" "annars upp till 2)." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." @@ -318,8 +323,8 @@ msgstr "" "ingen effekt för andra loggningstyper)." #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -331,17 +336,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Flaggor användbara i sektionerna SERVICE och DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -352,33 +357,33 @@ msgstr "" "att efter tre missade hjärtslag kommer processen avsluta sig själv." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Standard: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "SPECIALSEKTIONER" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "Sektionen [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Sektionsparametrar" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -391,7 +396,7 @@ msgstr "" "eller D-Bus-aktiverade vid behov. </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 #, fuzzy #| msgid "" #| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</" @@ -412,7 +417,7 @@ msgstr "" "condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -423,12 +428,12 @@ msgstr "" "”systemctl enable sssd-@service@.socket\". </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -445,12 +450,12 @@ msgstr "" "understrykningstecken. Tecknet ”/” är förbjudet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." @@ -459,7 +464,7 @@ msgstr "" "innehåller användarnamnet och domänen in i dessa komponenter." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -470,12 +475,12 @@ msgstr "" "för mer information om dessa reguljära uttryck." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -486,32 +491,32 @@ msgstr "" "samman ett fullständigt kvalificerat namn från namn- och domänkomponenter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "domännamn som det anges i SSSD-konfigurationsfilen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -520,7 +525,7 @@ msgstr "" "direkt konfigurerade eller hittade via IPA-förtroenden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -528,7 +533,7 @@ msgstr "" "Följande utvidgningar stödjs: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." @@ -537,12 +542,12 @@ msgstr "" "mer information om detta alternativ." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "monitor_resolv_conf (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." @@ -551,12 +556,12 @@ msgstr "" "när den behöver uppdatera sin interna DNS-uppslagare." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -567,7 +572,7 @@ msgstr "" "sekund om inotify inte kan användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -578,7 +583,7 @@ msgstr "" "alternativ sättas till ”false”" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -586,7 +591,7 @@ msgstr "" "Standard: true på plattformar där inotify stödjs. False på andra plattformar." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -595,12 +600,12 @@ msgstr "" "inte är tillgängligt. På dessa plattformar kommer pollning alltid användas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -609,7 +614,7 @@ msgstr "" "återuppspelning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -619,7 +624,7 @@ msgstr "" "cachefilerna för återuppspelning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -628,12 +633,12 @@ msgstr "" "(__LIBKRB5_DEFAULTS__ om inte konfigurerat)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "user (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -644,7 +649,7 @@ msgstr "" "användaren. Det enda värdet som stödjs ”&sssd_user_name;”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." @@ -653,7 +658,7 @@ msgstr "" "användare en root initialt (den rekommenderade metoden)." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -668,17 +673,24 @@ msgstr "" "köra antingen som ”&sssd_user_name;” eller ”root”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "Standard: inte angivet, processer kommer köra som root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -693,7 +705,7 @@ msgstr "" "in med bara sitt användarnamn utan att dessutom ange ett domännamn." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -715,8 +727,8 @@ msgstr "" "default_domain_suffix används. </phrase>" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -724,12 +736,12 @@ msgid "Default: not set" msgstr "Standard: inte satt" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "override_space (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -744,7 +756,7 @@ msgstr "" "hantera blanka, på grund av att det är standardfältseparatorn i skalet." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -757,22 +769,22 @@ msgstr "" "allmänhet är resultatet av en uppslagning odefinierat." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "Standard: inte satt (blanka kommer inte ersättas)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "certificate_verification (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "no_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -783,12 +795,12 @@ msgstr "" "nåbara från klienten." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "soft_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -799,12 +811,12 @@ msgstr "" "när systemet är frånkopplat och OCSP-respondenten inte kan nås." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "ocsp_dgst" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" @@ -813,39 +825,39 @@ msgstr "" "OCSP-begäran. Tillåtna värden är:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "sha1" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "sha384" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "sha512" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" "Standard: sha1 (för att tillåta kompatibilitet med respondenter som följer " "RFC5019)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "no_verification" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." @@ -854,12 +866,12 @@ msgstr "" "testning." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "partial_chain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -871,12 +883,12 @@ msgstr "" "certifikat som inte behöver vara självsignerat." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "ocsp_default_responder=URL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -887,12 +899,12 @@ msgstr "" "respondenten t.ex. http://example.com:80/ocsp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "ocsp_default_responder_signing_cert=NAMN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." @@ -901,12 +913,12 @@ msgstr "" "vara tillgängliga i PEM-filen som anges av pam_cert_db_path." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "crl_file=/SÖKVÄG/TILL/CRL/FIL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -919,12 +931,12 @@ msgstr "" "<manvolnum>1ssl</manvolnum> </citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "soft_crl" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -937,7 +949,7 @@ msgstr "" "frånkopplat och CRL:en inte kan förnyas." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -948,22 +960,22 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "Okända alternativ rapporteras men ignoreras." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "Standard: inte satt, d.v.s begränsa inte certifikatverifieringen" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "disable_netlink (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." @@ -972,7 +984,7 @@ msgstr "" "rutter, adresser, länkar och utlösa vissa åtgärder." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" @@ -981,17 +993,17 @@ msgstr "" "och kan avaktiveras genom att sätta detta alternativ till ”true”" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "Standard: false (netlink-förändringar detekteras)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "enable_files_domain (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." @@ -1000,12 +1012,12 @@ msgstr "" "<quote>id_provider=files</quote> före några explicit konfigurerade domäner." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "domain_resolution_order" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -1022,7 +1034,7 @@ msgstr "" "kommer slås upp i en slumpvis ordning för varje föräldradomän." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -1053,18 +1065,18 @@ msgstr "" "användarnamn kan överlappa mellan domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "Standard: inte satt" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "implicit_pac_responder (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -1075,12 +1087,12 @@ msgstr "" "alternativ till ”false”." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "core_dumpable (boolean)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -1091,17 +1103,17 @@ msgstr "" "klartextlösenord läcker. Se manualsidan prctl:PR_SET_DUMPABLE för detaljer." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "passkey_verification (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "user_verification (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." @@ -1110,7 +1122,7 @@ msgstr "" "under autentisering. Om aktiverat kommer PIN:en alltid att begäras." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -1121,7 +1133,7 @@ msgstr "" "servern." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -1132,7 +1144,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1149,12 +1161,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "TJÄNSTESEKTIONER" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1167,22 +1179,22 @@ msgstr "" "<quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Allmänna alternativ för tjänstekonfiguration" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Dessa alternativ kan användas för att konfigurera alla tjänster." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1197,17 +1209,17 @@ msgstr "" "och den ”hårda” gränsen i limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Standard: 8192 (eller den ”hårda” gränsen i limits.conf)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1222,17 +1234,17 @@ msgstr "" "konfigureras kommer det att justeras till 10 sekunder." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "Standard: 60, KCM: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1249,7 +1261,7 @@ msgstr "" "försök att bli uppkopplat beräknas det nya intervallet om enligt följande:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" @@ -1258,7 +1270,7 @@ msgstr "" "slumpvärde[0…offline_timeout_random_offset]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1269,7 +1281,7 @@ msgstr "" "är 30. Slutresultatet är antalet sekunder före nästa omförsök." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." @@ -1278,18 +1290,18 @@ msgstr "" "offline_timeout_max (förutom slumpdelen)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Standard: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "offline_timeout_max (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." @@ -1298,12 +1310,12 @@ msgstr "" "misslyckat försök att koppla upp." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "Ett värde på 0 avaktiverar det ökande beteendet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." @@ -1312,7 +1324,7 @@ msgstr "" "offline_timeout." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1325,7 +1337,7 @@ msgstr "" "åtminstone 4 gånger offline_timeout." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." @@ -1334,17 +1346,17 @@ msgstr "" "att åsidosätta värdet offline_timeout så det är inte så användbart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 msgid "Default: 3600" msgstr "Standard: 3600" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout_random_offset (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" @@ -1353,7 +1365,7 @@ msgstr "" "angivna tidsintervall:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" @@ -1363,27 +1375,27 @@ msgstr "" "slumptal i intervallet:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "[0 – offline_timeout_random_offset]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "Ett värde på 0 avaktiverar tillägget av en slumpfördröjning." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "Standard: 30" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1402,18 +1414,18 @@ msgstr "" "antingen uttags- eller D-Bus-aktiverade." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Standard: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "cache_first" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." @@ -1422,12 +1434,12 @@ msgstr "" "den frågar dataleverantörerna." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "NSS-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1435,12 +1447,12 @@ msgstr "" "Switch (NSS)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1449,17 +1461,17 @@ msgstr "" "information om alla användare)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Standard: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1470,7 +1482,7 @@ msgstr "" "för domänen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1485,7 +1497,7 @@ msgstr "" "framtida begäranden kommer behöva blockera i väntan på en cacheuppdatering." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1498,17 +1510,17 @@ msgstr "" "(0 avaktiverar denna funktion)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Standard: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1519,17 +1531,17 @@ msgstr "" "bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Standard: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "local_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1540,17 +1552,17 @@ msgstr "" "in alternativet till 0 avaktiverar denna funktion." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "Standard: 14400 (4 timmar)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1564,7 +1576,7 @@ msgstr "" "användarhuvudmansnamn (UPN)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1577,17 +1589,17 @@ msgstr "" "kommer fortfarande ha medlemsanvändarna i den senare listade." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Standard: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1595,12 +1607,12 @@ msgstr "" "sätt då detta alternativ till false." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1609,7 +1621,7 @@ msgstr "" "anges av domänens dataleverantör." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1617,7 +1629,7 @@ msgstr "" "override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1627,23 +1639,23 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "Standard: inte satt (ingen ersättning för ej angivna hemkataloger)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1654,30 +1666,30 @@ msgstr "" "sektionen [nss] eller per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Standard: inte angivet (SSSD kommer använda värdet som hämtats från LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" "Begränsa användarskal till ett av de listade värdena. Beräkningsordningen är:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "1. Om skalet finns i <quote>/etc/shells</quote> används det." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1686,7 +1698,7 @@ msgstr "" "quote>, använd värdet på parametern shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1695,12 +1707,12 @@ msgstr "" "shells</quote> används ett nologin-skal." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "Jokertecknet (*) kan användas för att tillåta godtyckligt skal." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1711,12 +1723,12 @@ msgstr "" "alla skal i allowed_shells skulle vara för mycket overhead." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "En tom sträng som skal skickas som den är till libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1725,27 +1737,27 @@ msgstr "" "att en omstart av SSSD behövs ifall ett nytt skal installeras." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "Standard: inte satt. Användarens skal används automatiskt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Ersätt alla instanser av dessa skal med shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1753,17 +1765,17 @@ msgstr "" "maskinen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Standard: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1773,7 +1785,7 @@ msgstr "" "per domän." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1782,12 +1794,12 @@ msgstr "" "libc ersätter med något rimligt när nödvändigt, vanligen /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1796,12 +1808,12 @@ msgstr "" "som giltiga." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "memcache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." @@ -1811,7 +1823,7 @@ msgstr "" "minnet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." @@ -1820,8 +1832,8 @@ msgstr "" "påverkan på SSSD:s prestanda och skall bara användas för testning." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1830,12 +1842,12 @@ msgstr "" "klientprogram inte använda den snabba cachen i minnet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "memcache_size_passwd (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1846,13 +1858,13 @@ msgstr "" "lösenords-cachen i minnet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "Standard: 8" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." @@ -1861,12 +1873,12 @@ msgstr "" "negativ påverkan på SSSD:s prestanda." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "memcache_size_group (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1877,19 +1889,19 @@ msgstr "" "grupp-cachen i minnet." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Standard: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "memcache_size_initgroups (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1900,12 +1912,12 @@ msgstr "" "initgrupp-cachen i minnet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "memcache_size_sid (integer)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1918,12 +1930,12 @@ msgstr "" "storleken till 0 kommer avaktivera SID-cachen i minnet." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "user_attributes (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1940,7 +1952,7 @@ msgstr "" "citerefentry> för detaljer) men utan standardvärden." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -1949,17 +1961,17 @@ msgstr "" "InfoPipe-alternativet om det inte är satt för NSS-respondenten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "Standard: inte satt, gå tillbaka till InfoPipe-alternativet" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "pwfield (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -1968,12 +1980,12 @@ msgstr "" "returnera i fältet <quote>password</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "Standard: <quote>*</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." @@ -1982,7 +1994,7 @@ msgstr "" "värdet i [nss]-sektionen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1994,12 +2006,12 @@ msgstr "" "<quote>x</quote> (proxydomän med målet nss_files och sssd-shadowutils)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "PAM-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -2008,12 +2020,12 @@ msgstr "" "Authentication Module (PAM)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -2023,17 +2035,17 @@ msgstr "" "inloggningen)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Standard: 0 (ingen gräns)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -2042,12 +2054,12 @@ msgstr "" "inloggningsförsök är tillåtna." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -2056,7 +2068,7 @@ msgstr "" "har nåtts före ett nytt inloggningsförsök är möjligt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -2067,17 +2079,17 @@ msgstr "" "autentisering kan aktivera autentisering utan uppkoppling igen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Standard: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -2086,43 +2098,43 @@ msgstr "" "Ju högre tal desto fler meddelanden visas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "För närvarande stödjs följande värden:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: visa inte några meddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: visa endast viktiga meddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: visa informationsmeddelanden" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: visa alla meddelanden och felsökningsinformation" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Standard: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "pam_response_filter (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -2135,7 +2147,7 @@ msgstr "" "användaren eller miljövariabler som skall sättas av pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -2144,37 +2156,37 @@ msgstr "" "gör detta alternativ att man kan filtrera ut andra sorters svar dessutom." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "Skicka inte några miljövariabler till någon tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "ENV:varnamn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "Skicka inte miljövariabeln varnamn till någon tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "ENV:varnamn:tjänst" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "Skicka inte miljövariabeln varnamn till tjänst." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -2183,7 +2195,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -2200,12 +2212,12 @@ msgstr "" "eller ”-” eller inget av dem. Det ses som ett fel att blanda båda sätten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "Standard: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" @@ -2213,12 +2225,12 @@ msgstr "" "standardlistan" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2229,7 +2241,7 @@ msgstr "" "till att autentisering sker med den senaste informationen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2243,17 +2255,17 @@ msgstr "" "identitetsleverantören." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "Visa en varning N dagar före lösenordet går ut." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2263,7 +2275,7 @@ msgstr "" "lösenordet. Om denna information saknas kan sssd inte visa någon varning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2272,7 +2284,7 @@ msgstr "" "mottogs från bakändeserver kommer den automatiskt visas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2281,18 +2293,18 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> för en viss domän." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Standard: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2307,12 +2319,12 @@ msgstr "" "UID vid uppstart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "Standard: alla användare betraktas som betrodda som standard" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2321,12 +2333,12 @@ msgstr "" "inte är i listan pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "pam_public_domains (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2335,20 +2347,20 @@ msgstr "" "betrodda användare." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" "Två speciella värden för alternativet pam_public_domains är definierade:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" "all (Ej betrodda användare tillåts komma åt alla domäner i PAM-respondenten.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2357,19 +2369,19 @@ msgstr "" "respondenten.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Standard: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2378,7 +2390,7 @@ msgstr "" "standardmeddelandet ”åtkomst nekas”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." @@ -2388,7 +2400,7 @@ msgstr "" "felsökningsinformation)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2398,12 +2410,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2412,7 +2424,7 @@ msgstr "" "standardmeddelandet ”åtkomst nekas”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2422,46 +2434,46 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "pam_passkey_auth (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "Aktivera autentisering baserad på lösennyckelsenhet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Standard: True" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "passkey_debug_libfido2 (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "Aktivera biblioteket libfido2 felsökningsmeddelanden." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Standard: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2472,22 +2484,22 @@ msgstr "" "autentiseringsprocessen är detta alternativ avaktiverat som standard." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "Sökvägen till certifikatdatabasen." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "Standard:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" @@ -2496,12 +2508,12 @@ msgstr "" "certifikat i PEM-format)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "pam_cert_verification (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2515,7 +2527,7 @@ msgstr "" "Flaggor som stödjs är samma som för <quote>certificate_verification</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2525,7 +2537,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." @@ -2535,22 +2547,22 @@ msgstr "" "<quote>[sssd]</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "Hur många sekunder pam_sss kommer vänta på p11_child att avsluta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "passkey_child_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" @@ -2558,12 +2570,12 @@ msgstr "" "avsluta." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "pam_app_services (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2572,12 +2584,12 @@ msgstr "" "<quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "pam_p11_allowed_services (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." @@ -2586,7 +2598,7 @@ msgstr "" "tillåtet att använda smarta kort." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2596,7 +2608,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2616,63 +2628,63 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "Standard: standarduppsättningen av PAM-tjänstenamn innefattar:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "p11_wait_for_card_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2682,12 +2694,12 @@ msgstr "" "p11_child_timeout PAM-respondenten skall vänta på att ett smartkort sätts in." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "p11_uri (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2704,7 +2716,7 @@ msgstr "" "användas för att säga till p11_child att använda en specifik läsare." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2714,7 +2726,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2724,7 +2736,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2737,17 +2749,17 @@ msgstr "" "”p11tool” med t.ex. ”--list-all” visa även PKCS#11 URI:er." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "pam_initgroups_scheme" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "always" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" @@ -2755,12 +2767,12 @@ msgstr "" "fortfarande gäller" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "no_session" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" @@ -2769,12 +2781,12 @@ msgstr "" "användaren, d.v.s. om användaren inte är inloggad för närvarande" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "never" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" @@ -2783,7 +2795,7 @@ msgstr "" "inte har gått ut" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2796,17 +2808,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "Standard: no_session" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "pam_gssapi_services" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." @@ -2815,7 +2827,7 @@ msgstr "" "autentisering med modulen pam_sss_gss.so." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" @@ -2823,7 +2835,7 @@ msgstr "" "quote> (streck)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2834,7 +2846,7 @@ msgstr "" "över värdet i domänsektionen." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2844,22 +2856,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Exempel: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "Standard: - (GSSAPI-autentisering är avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "pam_gssapi_check_upn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2870,7 +2882,7 @@ msgstr "" "Autentisering kommer misslyckas om kontrollen misslyckas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." @@ -2879,12 +2891,12 @@ msgstr "" "autentiseras." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "pam_gssapi_indicators_map" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2895,7 +2907,7 @@ msgstr "" "autentisering med modulen pam_sss_gss.so." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2921,7 +2933,7 @@ msgstr "" "åtkomsten." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2932,7 +2944,7 @@ msgstr "" "specifik PAM-tjänst, lägg till <quote>tjänst:-</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" @@ -2940,7 +2952,7 @@ msgstr "" "Följande autentiseringsindikatorer stödjs av IPA-Kerberosinstallationer:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." @@ -2949,7 +2961,7 @@ msgstr "" "filer eller på smarta kort." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." @@ -2958,12 +2970,12 @@ msgstr "" "i en FAST-kanal." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "radius — förautentisering med hjälp av en RADIUS-server." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." @@ -2972,12 +2984,12 @@ msgstr "" "(2FA eller engångslösenord, OTP) i IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "idp — förautentisering med extern identitetsleverantör." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2987,7 +2999,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2998,18 +3010,18 @@ msgstr "" "(PKINIT), sätt <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" "Standard: inte satt (användning av autentiseringsindikatorer krävs inte)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "SUDO-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -3027,12 +3039,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -3041,12 +3053,12 @@ msgstr "" "tidsberoende sudoers-poster skall evalueras eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -3061,22 +3073,22 @@ msgstr "" "gränsvärde gäller även IPA-sudo-kommandon och kommandogruppsökningar." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "AUTOFS-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "Dessa alternativ kan användas för att konfigurera tjänsten autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -3087,22 +3099,22 @@ msgstr "" "finns) innan bakänden tillfrågas igen." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "SSH-konfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "Dessa alternativ kan användas för att konfigurera tjänsten SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -3111,12 +3123,12 @@ msgstr "" "till kontrollsummor eller inte." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -3125,17 +3137,17 @@ msgstr "" "att dess värdnycklar begärdes." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "Standard: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (bool)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -3149,12 +3161,12 @@ msgstr "" "manvolnum> </citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "ssh_use_certificate_matching_rules (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -3169,7 +3181,7 @@ msgstr "" "regelnamn. Alla andra regler kommer ignoreras." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -3181,7 +3193,7 @@ msgstr "" "certifikat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -3194,7 +3206,7 @@ msgstr "" "certifikatautentisering är aktiverat." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." @@ -3203,7 +3215,7 @@ msgstr "" "ingen regel blir vald kommer alla certifikat ignoreras." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" @@ -3212,12 +3224,12 @@ msgstr "" "standardregeln används" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "ca_db (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -3226,12 +3238,12 @@ msgstr "" "validera användarcertifikat före publika ssh-nycklar härleds från dem." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "PAC-respondentskonfigurationsalternativ" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -3249,7 +3261,7 @@ msgstr "" "kommer några av följande operationer att göras:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -3265,7 +3277,7 @@ msgstr "" "skrivas över med parametern default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -3274,17 +3286,17 @@ msgstr "" "användaren läggas till i dessa grupper." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "Dessa alternativ kan användas för att konfigurera PAC-respondenten." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -3295,7 +3307,7 @@ msgstr "" "uppstart." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" @@ -3304,12 +3316,12 @@ msgstr "" "tillåts komma åt PAC-respondenten)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "Standard: 0 (endast root-användaren tillåts komma åt PAC-respondenten)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -3323,7 +3335,7 @@ msgstr "" "AID:er." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -3336,12 +3348,12 @@ msgstr "" "0 i listan av tillåtna AID:er." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (heltal)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -3350,12 +3362,12 @@ msgstr "" "datan användas för att avgöra gruppmedlemskap för en användare." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "pac_check (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -3372,12 +3384,12 @@ msgstr "" "krb5_validate är satt till ”False” kommer PAC-kontrollerna hoppas över." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "no_check" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." @@ -3386,12 +3398,12 @@ msgstr "" "kontroller att göras." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "pac_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -3402,12 +3414,12 @@ msgstr "" "misslyckas." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "check_upn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." @@ -3416,12 +3428,12 @@ msgstr "" "(UPN) är konsistent." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "check_upn_allow_missing" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -3440,7 +3452,7 @@ msgstr "" "inte längre någon anledning att sätta ”ldap_user_principal”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3458,22 +3470,22 @@ msgstr "" "loggmeddelandet." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "upn_dns_info_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "PAC:en måste innehålla bufferten UPN-DNS-INFO, implicerar ”check_upn”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "check_upn_dns_info_ex" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." @@ -3482,12 +3494,12 @@ msgstr "" "kontrollera om informationen i utökningen är konsistent." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "upn_dns_info_ex_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." @@ -3496,7 +3508,7 @@ msgstr "" "”check_upn_dns_info_ex”, ”upn_dns_info_present” och ”check_upn”." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -3505,7 +3517,7 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" @@ -3514,12 +3526,12 @@ msgstr "" "check_upn_allow_missing, check_upn_dns_info_ex”)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "Konfigurationsalternativ för inspelning av sessioner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3535,33 +3547,33 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" "Dessa alternativ kan användas för att konfigurera inspelning av sessioner." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Inga användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "”some”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -3570,17 +3582,17 @@ msgstr "" "och <replaceable>groups</replaceable> spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "”all”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Alla användare spelas in." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -3589,17 +3601,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Standard: ”none”" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3610,17 +3622,17 @@ msgstr "" "efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Standard: Tomt. Matchar inte några användare." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3631,7 +3643,7 @@ msgstr "" "efter eventuellt utbyte av mellanslag, ändring av skiftläge, etc." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3643,17 +3655,17 @@ msgstr "" "användare måste hämtas och matchas mot grupperna användaren är en medlem i." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Standard: Tom. Matchar inga grupper." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "exclude_users (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." @@ -3662,17 +3674,17 @@ msgstr "" "tillämpligt med ”scope=all”." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "Standard: Tomt. Inga användare uteslutna." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "exclude_groups (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." @@ -3681,23 +3693,23 @@ msgstr "" "inspelning. Endast tillämpligt med ”scope=all”." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "Standard: Tom. Inga grupper uteslutna." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "DOMÄNSEKTIONER" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "aktiverat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3712,12 +3724,12 @@ msgstr "" "quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "domain_type (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3730,7 +3742,7 @@ msgstr "" "operativsystemets gränssnitt och verktyg." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -3739,7 +3751,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3752,7 +3764,7 @@ msgstr "" "respondenten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -3761,7 +3773,7 @@ msgstr "" "<quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -3770,17 +3782,17 @@ msgstr "" "<quote>Programdomäner</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "Standard: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3789,7 +3801,7 @@ msgstr "" "utanför dessa gränser ignoreras den." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3802,7 +3814,7 @@ msgstr "" "ligger i intervallet rapporteras som förväntat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3811,17 +3823,17 @@ msgstr "" "när de returneras via namn eller ID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Standard: 1 för min_id, 0 (ingen gräns) för max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3834,22 +3846,22 @@ msgstr "" "Denna parameter kan ha ett av följande värden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = Användare och grupper räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = Inga uppräkningar för denna domän" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Standard: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3858,7 +3870,7 @@ msgstr "" "grupposter från fjärrservern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." @@ -3867,7 +3879,7 @@ msgstr "" "= proxy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3890,7 +3902,7 @@ msgstr "" "med startas om av den interna vakthunden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3899,7 +3911,7 @@ msgstr "" "användar- eller grupplistan returnera utan resultat tills den är färdig." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3912,7 +3924,7 @@ msgstr "" "information, se manualsidorna för den specifika id-leverantören som används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -3921,7 +3933,7 @@ msgstr "" "stora miljöer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3933,32 +3945,32 @@ msgstr "" "konfiguration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "Alla upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "Inga upptäckta betrodda domäner kommer räknas upp" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3971,12 +3983,12 @@ msgstr "" "bara för dessa betrodda domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -3985,7 +3997,7 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -4002,17 +4014,17 @@ msgstr "" "redan har cachats." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Standard: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -4021,19 +4033,19 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "Standard: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -4042,12 +4054,12 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -4056,12 +4068,12 @@ msgstr "" "frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -4070,12 +4082,12 @@ msgstr "" "bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "entry_cache_resolver_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" @@ -4084,12 +4096,12 @@ msgstr "" "den frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -4098,12 +4110,12 @@ msgstr "" "igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -4112,12 +4124,12 @@ msgstr "" "giltiga före den frågar bakänden igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -4126,12 +4138,12 @@ msgstr "" "hur länge värdnyckeln skall cachas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "entry_cache_computer_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" @@ -4140,12 +4152,12 @@ msgstr "" "igen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -4155,7 +4167,7 @@ msgstr "" "utgångna poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -4168,17 +4180,17 @@ msgstr "" "uppdateras både användarposten och gruppmedlemskapet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "Denna flagga ärvs automatiskt för alla betrodda domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "Du kan överväga att sätta detta värde till ¾ · entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -4198,18 +4210,18 @@ msgstr "" "vilja manuellt invalidera den befintliga cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "Standard: 0 (avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -4226,7 +4238,7 @@ msgstr "" "konfiguration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -4239,12 +4251,12 @@ msgstr "" "och att knäcka ett lösenord med en råstyrkeattack." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -4255,7 +4267,7 @@ msgstr "" "lösenord) måste ha för att sparas som en SHA512-kontrollsumma i cachen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -4265,12 +4277,12 @@ msgstr "" "attacker." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -4283,17 +4295,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Standard: 0 (obegränsat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -4305,17 +4317,17 @@ msgstr "" "Dessutom måste en autentiseringsleverantör ha konfigurerats för bakänden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Standard: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -4323,12 +4335,12 @@ msgstr "" "stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "<quote>proxy</quote>: Stöd en tidigare NSS-leverantör." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4339,7 +4351,7 @@ msgstr "" "information om hur lokala användare och grupper kan speglas in i SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4350,8 +4362,8 @@ msgstr "" "information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4362,8 +4374,8 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera FreeIPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4374,12 +4386,12 @@ msgstr "" "citerefentry> för mer information om att konfigurera Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -4388,7 +4400,7 @@ msgstr "" "full_name_format) som användarens inloggningsnamn rapporterat till NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -4402,7 +4414,7 @@ msgstr "" "command> skulle det." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -4414,7 +4426,7 @@ msgstr "" "namn begärs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" @@ -4423,17 +4435,17 @@ msgstr "" "default_domain_suffix används)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "Returnera inte gruppmedlemmar för gruppuppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -4452,7 +4464,7 @@ msgstr "" "som om den vore tom." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -4463,11 +4475,11 @@ msgstr "" "innehåller många medlemmar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." @@ -4476,12 +4488,12 @@ msgstr "" "<emphasis>subdomain_inherit</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -4490,7 +4502,7 @@ msgstr "" "är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4501,7 +4513,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4512,7 +4524,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" @@ -4520,12 +4532,12 @@ msgstr "" "PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> avaktiverar explicit autentisering." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -4534,12 +4546,12 @@ msgstr "" "autentiseringsbegäranden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -4550,7 +4562,7 @@ msgstr "" "Interna specialleverantörer är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -4559,12 +4571,12 @@ msgstr "" "åtkomstleverantören för en lokal domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> neka alltid åtkomst." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4577,7 +4589,7 @@ msgstr "" "konfigurera åtkomstmodulen simple." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4588,24 +4600,24 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> för att skicka vidare åtkomstkontroll till någon annan " "PAM-modul." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "Standard: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4614,7 +4626,7 @@ msgstr "" "av lösenordsändring som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4625,7 +4637,7 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4636,7 +4648,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" @@ -4644,12 +4656,12 @@ msgstr "" "annat PAM-mål." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> tillåter uttryckligen inte lösenordsändringar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4658,18 +4670,18 @@ msgstr "" "hantera begäranden om ändring av lösenord." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "SUDO-leverantören som används för domänen. SUDO-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4680,7 +4692,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -4689,7 +4701,7 @@ msgstr "" "standardsinställningar för IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -4698,18 +4710,18 @@ msgstr "" "standardsinställningar för AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> avaktiverar explicit SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "Standard: värdet på <quote>id_provider</quote> används om det är satt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4726,7 +4738,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4739,12 +4751,12 @@ msgstr "" "relaterad aktivitet i SSSD om du inte vill använda sudo med SSSD alls." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4755,7 +4767,7 @@ msgstr "" "åtkomstleverantören avslutar. Selinux-leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4766,14 +4778,14 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> tillåter uttryckligen inte att hämta selinux-" "inställningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -4782,12 +4794,12 @@ msgstr "" "begäranden om inläsning av selinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -4796,7 +4808,7 @@ msgstr "" "alltid vara samma som id_provider. Underdomänsleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4808,7 +4820,7 @@ msgstr "" "konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4821,17 +4833,17 @@ msgstr "" "konfigurera AD-leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> tillåter uttryckligen inte att hämta underdomäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "session_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4843,14 +4855,14 @@ msgstr "" "med IPA. Sessionsleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote> för att utföra uppgifter relaterade till " "användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -4858,7 +4870,7 @@ msgstr "" "användarsessioner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -4867,12 +4879,12 @@ msgstr "" "sessionsrelaterade uppgifter." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4880,7 +4892,7 @@ msgstr "" "är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4891,7 +4903,7 @@ msgstr "" "citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4902,7 +4914,7 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4914,17 +4926,17 @@ msgstr "" "leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> avaktiverar explicit autofs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -4933,7 +4945,7 @@ msgstr "" "leverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4944,17 +4956,17 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> avaktiverar explicit värd-id:n." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "resolver_provider (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" @@ -4963,7 +4975,7 @@ msgstr "" "Uppslagsleverantörer som stödjs är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" @@ -4972,7 +4984,7 @@ msgstr "" "bibliotek. Se <quote>proxy_resolver_lib_name</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4983,7 +4995,7 @@ msgstr "" "manvolnum> </citerefentry> för mer information om att konfigurera LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4996,13 +5008,13 @@ msgstr "" "leverantören." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" "<quote>none</quote> tillåter uttryckligen inte att hämta värdar och nätverk." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -5017,7 +5029,7 @@ msgstr "" "(NetBIOS) namnet på domänen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" @@ -5026,17 +5038,17 @@ msgstr "" "name>[^@]+))$</quote> vilket tillåter två olika stilar av användarnamn:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "användarnamn@domän.namn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -5049,12 +5061,12 @@ msgstr "" "användarnamn:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "domän\\användarnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -5063,7 +5075,7 @@ msgstr "" "tredje för att tillåta enkel integration av användare från Windows-domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -5078,17 +5090,17 @@ msgstr "" "<quote>@</quote> måste de skapa sin egen re_expression." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Standard: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -5097,44 +5109,44 @@ msgstr "" "uppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "Värden som stödjs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: Försök slå upp IPv4-adresser, om det misslyckas, prova IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "ipv4_only: Försök endast slå upp värdnamn som IPv4-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: Försök slå upp IPv6-adresser, om det misslyckas, prova IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "ipv6_only: Försök endast slå upp värdnamn som IPv6-adresser." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "Standard: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_server_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." @@ -5143,7 +5155,7 @@ msgstr "" "DNS-server före den provar nästa DNS-server." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" @@ -5151,7 +5163,7 @@ msgstr "" "pingtidsgränsen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -5159,17 +5171,17 @@ msgstr "" "Se avsnittet <quote>RESERVER</quote> för mer information om tjänstevalet." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "Standard: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_op_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -5180,17 +5192,17 @@ msgstr "" "nästa värdnamn eller DNS-upptäckt." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Standard: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -5202,12 +5214,12 @@ msgstr "" "nås kommer domänen fortsätta att fungera i frånkopplat läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_use_search_list (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -5218,7 +5230,7 @@ msgstr "" "med felaktigt konfigurerad DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -5229,17 +5241,17 @@ msgstr "" "DNS-uppslagningar i sådana miljöer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Standard: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -5248,17 +5260,17 @@ msgstr "" "fråga om tjänsteupptäckt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "Standard: använd domändelen av maskinens värdnamn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "failover_primary_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -5269,57 +5281,57 @@ msgstr "" "den försöker återansluta till primärservern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "Observera: minimivärdet är 31." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 msgid "Default: 31" msgstr "Standard: 31" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "Ersätt det primära GID-värdet med det angivna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "case_sensitive (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "Skiftlägeskänsligt. Detta värde är inte giltigt för AD-leverantörer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "Skiftlägesokänsligt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -5330,7 +5342,7 @@ msgstr "" "tjänster även protokollnamn) fortfarande skiftas ner i utdata." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." @@ -5339,7 +5351,7 @@ msgstr "" "du sätta det på både klienten och SSSD på servern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -5348,17 +5360,17 @@ msgstr "" "värdena på alternativen är: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "Standard: True (False för AD-leverantören)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -5369,47 +5381,47 @@ msgstr "" "följande alternativ ärvas:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "ldap_search_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "ldap_network_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "ldap_offline_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -5418,57 +5430,57 @@ msgstr "" "ldap_krb5_keytab sätts särskilt)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "auto_private_groups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "case_sensitive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -5478,28 +5490,28 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Observera: detta alternativ fungerar endast med leverantörerna IPA och AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "platt (NetBIOS) namn på en underdomän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -5514,36 +5526,36 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" "Värdet kan åsidosättas av alternativet <emphasis>override_homedir</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Standard: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" "Diverse taggar lagrade av realmd-konfigurationstjänsten för denna domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -5556,7 +5568,7 @@ msgstr "" "uppkopplad autentisering." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." @@ -5565,12 +5577,12 @@ msgstr "" "inte möjligt att ange olika värden för varje betrodd domän." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "Specialvärdet 0 betyder att denna funktion är avaktiverad." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -5581,12 +5593,12 @@ msgstr "" "<quote>initgroups.</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "local_auth_policy (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -5605,7 +5617,7 @@ msgstr "" "vilka utvärderas och kontrolleras lokalt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -5625,7 +5637,7 @@ msgstr "" "quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -5636,42 +5648,42 @@ msgstr "" "med standard local_auth_policy: <quote>match</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "local_auth_policy = match (standard)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "Lösennyckel" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "Smartkort" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "avaktiverad" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5684,7 +5696,7 @@ msgstr "" "vara en PIN-prompt istället för t.ex. en lösenordsprompt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5700,7 +5712,7 @@ msgstr "" "local_auth_policy = only\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -5711,7 +5723,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." @@ -5721,22 +5733,22 @@ msgstr "" "standard." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 msgid "Default: match" msgstr "Standard: match" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "auto_private_groups (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." @@ -5745,7 +5757,7 @@ msgstr "" "GID-numret ignoreras i detta läge." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5758,12 +5770,12 @@ msgstr "" "framtvingar unika nummer över hela ID-rymden." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "false" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." @@ -5772,12 +5784,12 @@ msgstr "" "ett gruppobjekt i LDAP-databasen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "hybrid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5792,7 +5804,7 @@ msgstr "" "upp till det gruppobjektet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." @@ -5801,7 +5813,7 @@ msgstr "" "kan GID:t helt enkelt inte slås upp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5812,7 +5824,7 @@ msgstr "" "befintliga användarnas privata grupper." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -5821,7 +5833,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." @@ -5831,7 +5843,7 @@ msgstr "" "översättning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5841,7 +5853,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5853,7 +5865,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5867,7 +5879,7 @@ msgstr "" "id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -5878,17 +5890,17 @@ msgstr "" "replaceable>]</quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "Proxymålet PAM är en proxy för." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -5899,12 +5911,12 @@ msgstr "" "man aktivera lokal autentisering med alternativet local_auth_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -5915,12 +5927,12 @@ msgstr "" "exempel _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "proxy_resolver_lib_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -5931,12 +5943,12 @@ msgstr "" "_nss_$(libName)_$(function), till exempel _nss_dns_gethostbyname2_r." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -5949,12 +5961,12 @@ msgstr "" "SSSD att utföra ID-uppslagningen från cachen av prestandaskäl." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -5966,7 +5978,7 @@ msgstr "" "begäranden skulle köas upp." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -5975,12 +5987,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "Programdomäner" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -6009,7 +6021,7 @@ msgstr "" "traditionell SSSD-domän." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -6020,17 +6032,17 @@ msgstr "" "programdomänen och dess POSIX-syskondomän sätts korrekt." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "Programdomänparametrar" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "inherit_from (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -6043,7 +6055,7 @@ msgstr "" "quote>domänens inställningar." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -6058,7 +6070,7 @@ msgstr "" "attributet telefon nåbart via D-Bus-gränssnittet." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -6092,12 +6104,12 @@ msgstr "" "ldap_user_extra_attrs = telefon:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "SEKTIONEN BETRODDA DOMÄNER" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -6114,57 +6126,57 @@ msgstr "" "alternativ i sektionen för betrodda domäner är:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "ldap_sasl_mech," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -6173,12 +6185,12 @@ msgstr "" "manualsidan." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "CERTIFIKATSMAPPNINGSSEKTION" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -6200,7 +6212,7 @@ msgstr "" "fallet när lokala tjänster använder PAM för autentisering." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -6212,7 +6224,7 @@ msgstr "" "detaljer)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -6225,12 +6237,12 @@ msgstr "" "replaceable>]</quote>. I denna sektion är följande alternativ tillåtna:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "matchrule (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." @@ -6239,7 +6251,7 @@ msgstr "" "alla andra ignoreras." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" @@ -6248,17 +6260,17 @@ msgstr "" "Extended Key Usage <quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "maprule (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "Definierar hur användaren hittas för ett givet certifikat." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." @@ -6267,21 +6279,20 @@ msgstr "" "<quote>ldap</quote>, <quote>AD</quote> eller <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" -"REGELNAMNet för leverantören <quote>files</quote> som försöker hitta en " -"användare med samma namn." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "domains (sträng)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -6294,17 +6305,17 @@ msgstr "" "lägga till regeln till underdomäner också." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "Standard: den konfigurerade domänen i sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "priority (heltal)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -6315,12 +6326,12 @@ msgstr "" "prioriteten medan <quote>4294967295</quote> är den lägsta." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "Standard: den lägsta prioriteten" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" @@ -6330,7 +6341,7 @@ msgstr "" "speciella egenskaper:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" @@ -6339,7 +6350,7 @@ msgstr "" "användaren" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -6352,17 +6363,17 @@ msgstr "" "short_name})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "alternativet <quote>domains</quote> ignoreras" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "SEKTIONEN FÖR FRÅGEKONFIGURATION" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -6377,7 +6388,7 @@ msgstr "" "tillämpliga kreditiv." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -6390,22 +6401,22 @@ msgstr "" "användarfall. Följande alternativ bör ge en bättre flexibilitet här." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "password_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "för att ändra strängen i lösenordsfrågan" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -6414,37 +6425,37 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "[prompting/2fa]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "för att ändra strängen som frågar efter den första faktorn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "second_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "för att ändra strängen som frågar efter den andra faktorn" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "single_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -6457,7 +6468,7 @@ msgstr "" "faktorn är frivillig." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -6470,7 +6481,7 @@ msgstr "" "med lösenordet eller med båda faktorerna måste tvåstegsförfrågan användas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -6481,17 +6492,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "[prompting/passkey]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -6502,22 +6513,22 @@ msgstr "" "utlösare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "interactive_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "för att ändra meddelandet i den interaktiva frågan." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "touch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." @@ -6526,17 +6537,17 @@ msgstr "" "enheten." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "touch_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "för att ändra meddelandet i begäran om beröring." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -6545,7 +6556,7 @@ msgstr "" "alternativen: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -6558,7 +6569,7 @@ msgstr "" "> <placeholder type=\"variablelist\" id=\"2\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -6569,12 +6580,12 @@ msgstr "" "enskilt för denna tjänst." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "EXEMPEL" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -6626,7 +6637,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -6638,7 +6649,7 @@ msgstr "" "domäner för fler detaljer. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -6648,7 +6659,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -6664,7 +6675,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -6680,7 +6691,7 @@ msgstr "" "priority = 10\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -7006,8 +7017,17 @@ msgstr "exop - Password Modify Extended Operation (RFC 3062)" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "ldap_modify - Direkt ändring av userPassword (rekommenderas inte)." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -7020,52 +7040,52 @@ msgstr "" "måste användaren ha skrivrätt på attributet userPassword." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "Standard: exop" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "Standardbindnings-DN att använda för att utföra LDAP-operationer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "Typen på autentiseringstecknet hos standardbindnings-DN." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "De två mekanismerna som stödjs för närvarande är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "Standard: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." @@ -7074,22 +7094,22 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry> för mer information." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "Autentiseringstecknet hos standardbindnings-DN." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -7102,12 +7122,12 @@ msgstr "" "rike i versaler." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -7116,12 +7136,12 @@ msgstr "" "uppräknade poster." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -7132,7 +7152,7 @@ msgstr "" "att spara utrymme." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -7145,12 +7165,12 @@ msgstr "" "Som standard kör rensningsjobbet var 3:e timma när uppräkning är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -7161,7 +7181,7 @@ msgstr "" "kommer följa. Detta alternativ har ingen effekt på schemat RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -7177,7 +7197,7 @@ msgstr "" "ursprungliga uppslagningen om den slås upp igen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -7192,12 +7212,12 @@ msgstr "" "false för att begränsa gruppnästning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "Standard: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -7207,23 +7227,23 @@ msgstr "" "2008 och senare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "Standard: true för AD och IPA annars false." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "Frivillig. Använd den givna strängen som en sökbas för värdobjekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -7232,32 +7252,32 @@ msgstr "" "multipla sökbaser." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Standard: värdet på <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "ldap_iphost_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "ldap_ipnetwork_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -7267,7 +7287,7 @@ msgstr "" "och cachade resultat returneras (och går in i frånkopplat läge)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -7278,12 +7298,12 @@ msgstr "" "specifika uppslagningstyper." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -7294,12 +7314,12 @@ msgstr "" "returneras (och går in i frånkopplat läge)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -7316,12 +7336,12 @@ msgstr "" "citerefentry> returnerar om inget händer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -7335,12 +7355,12 @@ msgstr "" "operationen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -7353,7 +7373,7 @@ msgstr "" "(detta värde eller TGT-livslängden) användas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -7371,7 +7391,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" @@ -7380,17 +7400,17 @@ msgstr "" "<emphasis>ldap_connection_expire_offset</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "Standard: 900 (15 minuter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "ldap_connection_expire_offset (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." @@ -7399,12 +7419,12 @@ msgstr "" "till<emphasis>ldap_connection_expire_timeout</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_idle_timeout (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -7415,17 +7435,17 @@ msgstr "" "kommer förbindelsen att stängas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "Man kan avaktivera denna tidsgräns genom att sätta värdet till 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -7434,12 +7454,12 @@ msgstr "" "LDAP-servrar framtvingar en maximal gräns per begäran." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -7450,7 +7470,7 @@ msgstr "" "RootDSE men det inte är aktiverat eller inte fungerar som det skall." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -7460,7 +7480,7 @@ msgstr "" "den." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -7471,17 +7491,17 @@ msgstr "" "att några begäranden nekas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "Avaktivera Active Directory intervallhämtning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -7497,12 +7517,12 @@ msgstr "" "medlemmar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -7513,17 +7533,17 @@ msgstr "" "detta alternativ är definierat av OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "Standard: använd systemstandard (vanligen angivet i ldap.conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "ldap_sasl_maxssf (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -7534,12 +7554,12 @@ msgstr "" "detta alternativ är definierat av OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -7550,7 +7570,7 @@ msgstr "" "individuellt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -7567,7 +7587,7 @@ msgstr "" "rootDSE-objektet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -7580,7 +7600,7 @@ msgstr "" "OpenLDAP och Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -7591,12 +7611,12 @@ msgstr "" "oavsett denna inställning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "ldap_ignore_unreadable_references (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -7607,7 +7627,7 @@ msgstr "" "misslyckas istället för att den oläsbara posten bara ignoreras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -7618,12 +7638,12 @@ msgstr "" "en viss post eller ett visst LDAP-underträd av säkerhetsskäl." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -7632,7 +7652,7 @@ msgstr "" "några. Det kan anges som ett av följande värden:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -7641,7 +7661,7 @@ msgstr "" "några servercertifikat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7652,7 +7672,7 @@ msgstr "" "tillhandahålls kommer det ignoreras och sessionen fortsätta normalt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7663,7 +7683,7 @@ msgstr "" "tillhandahålls avslutas sessionen omedelbart." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -7674,22 +7694,22 @@ msgstr "" "sessionen omedelbart." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = Samma som <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "Standard: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -7698,7 +7718,7 @@ msgstr "" "<command>sssd</command> kommer godkänna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -7707,12 +7727,12 @@ msgstr "" "openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -7734,32 +7754,32 @@ msgstr "" "namnen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Anger filen som innehåller certifikatet för klientens nyckel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "Anger filen som innehåller klientens nyckel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7770,12 +7790,12 @@ msgstr "" "manvolnum></citerefentry> för formatet." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -7786,12 +7806,12 @@ msgstr "" "emphasis> rekommenderas starkt av säkerhetsskäl." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7802,18 +7822,18 @@ msgstr "" "förlita sig på ldap_user_uid_number och ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "För närvarande stödjer denna funktion endast ActiveDirectory objectSID." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -7831,17 +7851,17 @@ msgstr "" "Underdomäner kan sedan välja andra intervall för att översätta ID:n." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "Standard: inte satt (båda alternativen är satta till 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." @@ -7850,7 +7870,7 @@ msgstr "" "GSSAPI och GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -7866,12 +7886,12 @@ msgstr "" "conf</refentrytitle> <manvolnum>5</manvolnum></citerefentry> för detaljer." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -7891,7 +7911,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -7911,17 +7931,17 @@ msgstr "" "keytab." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "Standard: host/värdnamn@RIKE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -7932,17 +7952,17 @@ msgstr "" "ignoreras detta alternativ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "Standard: värdet på krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -7951,34 +7971,34 @@ msgstr "" "att ta fram värdnamnets kanoniska form under en SASL-bindning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Standard: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" "Ange den keytab som skall användas vid användning av SASL/GSSAPI/GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Standard: Systemets keytab, normalt <filename>/etc/krb5.keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -7989,29 +8009,29 @@ msgstr "" "eller GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" "Anger livslängden i sekunder på TGT:n om GSSAPI eller GSS-SPNEGO används." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Standard: 86400 (24 timmar)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -8029,7 +8049,7 @@ msgstr "" "mer information, se avsnittet <quote>TJÄNSTEUPPTÄCKT</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -8040,7 +8060,7 @@ msgstr "" "hittas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -8052,27 +8072,27 @@ msgstr "" "quote> istället." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "Ange Kerberos-RIKE (för SASL/GSSAPI/GSS-SPNEGO aut)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "Standard: Systemstandard, se <filename>/etc/krb5.conf</filename>" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -8081,12 +8101,12 @@ msgstr "" "servern. Denna funktion är tillgänglig med MIT Kerberos ≥ 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -8101,7 +8121,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -8112,12 +8132,12 @@ msgstr "" "om lokaliseringsinsticksmodulen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -8126,7 +8146,7 @@ msgstr "" "värden är tillåtna:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -8135,7 +8155,7 @@ msgstr "" "alternativ kan inte avaktivera lösenordspolicyer på serversidan." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -8148,7 +8168,7 @@ msgstr "" "även alternativet ”ldap_chpass_update_last_change”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -8159,7 +8179,7 @@ msgstr "" "chpass_provider=krb5 för att uppdatera dessa attribut när lösenordet ändras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -8168,17 +8188,17 @@ msgstr "" "kommer den alltid gå före framför policyn som sätts med detta alternativ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "Anger huruvida automatisk uppföljning av referenser skall aktiveras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -8187,7 +8207,7 @@ msgstr "" "kompilerad med OpenLDAP version 2.4.13 eller senare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -8208,28 +8228,28 @@ msgstr "" "data vara tillgängliga." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Anger tjänstenamnet som skall användas när tjänsteupptäckt är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "Standard: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -8238,17 +8258,17 @@ msgstr "" "lösenordsändringar när tjänsteupptäckt är aktiverat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Standard: inte satt, d.v.s. tjänsteupptäckt är avaktiverat" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -8257,7 +8277,7 @@ msgstr "" "dagar sedan epoken efter en ändring av lösenord." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -8270,12 +8290,12 @@ msgstr "" "SSSD måste uppdatera det." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -8303,12 +8323,12 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Exempel:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -8320,7 +8340,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -8329,7 +8349,7 @@ msgstr "" "användare vars attribut employeeType är satt till ”admin”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -8342,17 +8362,17 @@ msgstr "" "fortsätta ges åtkomst under frånkoppling, och vice versa." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "Standard: Empty" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -8361,7 +8381,7 @@ msgstr "" "åtkomststyrningsattribut aktiveras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -8372,12 +8392,12 @@ msgstr "" "felkod även om lösenordet är korrekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "Följande värden är tillåtna:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -8386,7 +8406,7 @@ msgstr "" "att avgöra om kontot har gått ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -8399,7 +8419,7 @@ msgstr "" "kontrolleras också." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -8410,7 +8430,7 @@ msgstr "" "tillåts eller inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -8422,7 +8442,7 @@ msgstr "" "för att avgöra om åtkomst tillåts. Om båda attributen saknas tillåts åtkomst." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -8433,23 +8453,23 @@ msgstr "" "ldap_account_expire_policy skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Kommaseparerad lista över åtkomststyrningsalternativ. Tillåtna värden är:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: använd ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8464,7 +8484,7 @@ msgstr "" "fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -8474,7 +8494,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8495,12 +8515,12 @@ msgstr "" "måste vara satt för att denna funktion skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "<emphasis>expire</emphasis>: använd ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -8515,7 +8535,7 @@ msgstr "" "exempel SSH-nycklar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" @@ -8524,17 +8544,17 @@ msgstr "" "lösenord gått ut:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "pwd_expire_policy_reject — användaren nekas att logga in," #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "pwd_expire_policy_warn — användaren kan fortfarande logga in," #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." @@ -8543,7 +8563,7 @@ msgstr "" "omedelbart." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 #, fuzzy #| msgid "" #| "Please note that 'access_provider = ldap' must be set for this feature to " @@ -8559,7 +8579,7 @@ msgstr "" "lämplig lösenordspolicy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -8568,13 +8588,13 @@ msgstr "" "för att avgöra åtkomst" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: använd attributet host för att avgöra åtkomst" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -8583,7 +8603,7 @@ msgstr "" "fjärrvärdar kan få åtkomst" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -8593,12 +8613,12 @@ msgstr "" "åtkomstkontroll aktiveras" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Standard: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -8607,12 +8627,12 @@ msgstr "" "gång." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -8625,22 +8645,22 @@ msgstr "" "LDAP-servern inte kan kontrolleras ordentligt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Exempel: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Standard: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -8649,12 +8669,12 @@ msgstr "" "alternativ är tillåtna:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "<emphasis>never</emphasis>: Alias är aldrig derefererade." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -8663,7 +8683,7 @@ msgstr "" "basobjektet, men inte vid lokalisering av basobjektet för sökningen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -8672,7 +8692,7 @@ msgstr "" "basobjektet för sökningen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -8681,7 +8701,7 @@ msgstr "" "lokalisering av basobjektet för sökningen." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -8690,12 +8710,12 @@ msgstr "" "klientbiblioteken)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -8704,7 +8724,7 @@ msgstr "" "servrar som använder schemat RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -8721,7 +8741,7 @@ msgstr "" "via anrop av getpw*() eller initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -8732,12 +8752,12 @@ msgstr "" "de lokala användarna med de extra LDAP-grupperna." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -8746,23 +8766,23 @@ msgstr "" "jokertecken." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "För närvarande stödjer endast respondenten InfoPipe jokeruppslagningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "Standard: 1000 (ofta storleken på en sida)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "ldap_library_debug_level (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." @@ -8771,7 +8791,7 @@ msgstr "" "kommer skrivas oberoende av den allmänna debug_level." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." @@ -8780,17 +8800,17 @@ msgstr "" "komponenter, -1 kommer aktivera fullständig felsökningsutmatning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "Standard: 0 (libldap-felsökning avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_use_ppolicy (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -8801,14 +8821,14 @@ msgstr "" "vilka skickar tillbaka felaktiga ppolicy-utökningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -8839,12 +8859,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "SUDOALTERNATIV" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -8855,12 +8875,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -8870,7 +8890,7 @@ msgstr "" "servern)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -8879,7 +8899,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." @@ -8888,17 +8908,17 @@ msgstr "" "0. Dock måste antingen smart eller fullständig uppdatering aktiveras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "Standard: 21600 (6 timmar)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -8909,7 +8929,7 @@ msgstr "" "USN-värde som för närvarande är känt av SSSD)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -8918,7 +8938,7 @@ msgstr "" "istället." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -8934,7 +8954,7 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout</emphasis>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." @@ -8943,12 +8963,12 @@ msgstr "" "Dock måste antingen smart eller fullständig uppdatering aktiveras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_sudo_random_offset (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -8959,7 +8979,7 @@ msgstr "" "schemaläggs. Värdet är i sekunder." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -8970,17 +8990,17 @@ msgstr "" "tiden under vilken sudo-reglerna inte är tillgängliga för användning." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "Man kan avaktivera denna fördröjning genom att sätta värdet till 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -8989,12 +9009,12 @@ msgstr "" "(genom användning av IPv4- och IPv6-värd-/-nätverksadresser och värdnamn)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -9003,7 +9023,7 @@ msgstr "" "domännamn som skall användas för att filtrera reglerna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -9012,8 +9032,8 @@ msgstr "" "fullständigt kvalificerade domännamnet automatiskt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -9022,17 +9042,17 @@ msgstr "" "emphasis> har detta alternativ ingen effekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "Standard: inte angivet" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -9041,7 +9061,7 @@ msgstr "" "skall användas för att filtrera reglerna." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -9050,12 +9070,12 @@ msgstr "" "automatiskt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -9064,12 +9084,12 @@ msgstr "" "attributet sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -9078,7 +9098,7 @@ msgstr "" "attributet sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" @@ -9087,7 +9107,7 @@ msgstr "" "LDAP-serversidan!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -9100,12 +9120,12 @@ msgstr "" "manvolnum> </citerefentry>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "AUTOFSALTERNATIV" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -9113,47 +9133,47 @@ msgstr "" "Några av standardvärdena för parametrar nedan är beroende på LDAP-schemat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "Namnet på automount master-kartan i LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "Standard: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "AVANCERADE ALTERNATIV" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -9166,22 +9186,22 @@ msgstr "" "avaktivera denna funktion om gruppnamn inte visas korrekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -9194,14 +9214,14 @@ msgstr "" "type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "EXEMPEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -9211,7 +9231,7 @@ msgstr "" "till en av domänerna i avsnittet <replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9231,20 +9251,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "LDAP-ÅTKOMSTFILTEREXEMPEL" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -9253,7 +9273,7 @@ msgstr "" "ldap_access_order=lockout används." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9279,13 +9299,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "NOTER" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -11691,8 +11711,8 @@ msgid "" msgstr "" "Mallarna för att lägga till certifikatdata till sökfiltret baseras på " "formateringssträngar i Python-stil. De består av ett nyckelord i " -"krullparenteser med en valfri underkomponentspecificerare separerad av en " -"”.” eller ett valfritt konverterings-/formateringsalternativ separerat av " +"krullparenteser med en valfri underkomponentspecificerare separerad av " +"en ”.” eller ett valfritt konverterings-/formateringsalternativ separerat av " "ett ”!”. Tillåtna värden är: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><refsect3><title> @@ -12073,7 +12093,7 @@ msgstr "" "identifiera denna värd. Värdnamnet måste vara fullständigt kvalificerat." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (boolean)" @@ -12093,7 +12113,7 @@ msgstr "" "alternativet <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -12113,12 +12133,12 @@ msgstr "" "använda <emphasis>dyndns_update</emphasis> i sin konfigurationsfil." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -12145,12 +12165,12 @@ msgid "Default: 1200 (seconds)" msgstr "Standard: 1200 (sekunder)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -12183,17 +12203,17 @@ msgstr "" "förbindelsen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Exempel: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "dyndns_auth (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -12204,17 +12224,17 @@ msgstr "" "sätta detta alternativ till ”none”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "Standard: GSS-TSIG" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "dyndns_auth_ptr (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -12225,7 +12245,7 @@ msgstr "" "sätta detta alternativ till ”none”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "Standard: samma som dyndns_auth" @@ -12259,7 +12279,7 @@ msgstr "" "upptäckten används som backup-servrar" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (heltal)" @@ -12275,12 +12295,12 @@ msgstr "" "alternativ är valfritt och tillämpligt endast när dyndns_update är sann." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -12298,7 +12318,7 @@ msgstr "" "servern genererar PTR-posterna automatiskt när framåtposterna ändras." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -12313,12 +12333,12 @@ msgid "Default: False (disabled)" msgstr "Standard: False (avaktiverat)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (bool)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -12327,17 +12347,17 @@ msgstr "" "med DNS-servern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Standard: False (låt nsupdate välja protokollet)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "dyndns_server (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -12346,36 +12366,61 @@ msgstr "" "flesta uppsättningar rekommenderas det att låta detta alternativ vara osatt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 +#, fuzzy +#| msgid "" +#| "Setting this option makes sense for environments where the DNS server is " +#| "different from the identity server." msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." msgstr "" "Att sätta detta alternativ är meningsfullt i miljöer där DNS-servern är " "skild från identitetsservern." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 +#, fuzzy +#| msgid "" +#| "Please note that this option will be only used in fallback attempt when " +#| "previous attempt using autodetected settings failed." msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" "Observera att detta alternativ bara kommer användas i försök att falla " "tillbaka på när tidigare försök som använder automatiskt upptäckta " "inställningar misslyckas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "Standard: Ingen (låt nsupdate välja servern)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "dyndns_update_per_family (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -12386,18 +12431,84 @@ msgstr "" "och IPv6-uppdateringar i ett enda steg." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +#, fuzzy +#| msgid "Default: None (let nsupdate choose the server)" +msgid "Default: None (use global certificate store)" +msgstr "Standard: Ingen (låt nsupdate välja servern)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: - (GSSAPI authentication is disabled)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "Standard: - (GSSAPI-autentisering är avaktiverat)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_auth (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_auth (sträng)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "ipa_access_order (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" "<emphasis>expire</emphasis>: använd IPA:s policy för konton som går ut." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." @@ -12406,12 +12517,12 @@ msgstr "" "skall fungera." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_deskprofile_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." @@ -12420,17 +12531,17 @@ msgstr "" "skrivbordsprofilrelaterade objekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "Standard: använd bas-DN" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subid_ranges_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." @@ -12439,92 +12550,92 @@ msgstr "" "underordningsintervallsrelaterade objekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "Standard: värdet på <emphasis>cn=subids,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Frivillig. Använd den givna strängen som sökbas för HBAC-relaterade objekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "Undanbedes. Använd ldap_host_search_base istället." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Frivillig. Använd den givna strängen som en sökbas för SELinux-" "användaröversättningar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Frivillig. Använd den givna strängen som en sökbas för betrodda domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Standard: värdet på <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Frivillig. Använd den givna strängen som en sökbas för huvuddomänobjekt." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "Standard: värdet av <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "Frivillig. Använd den givna strängen som en sökbas för vybehållare." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "Standard: värdet av <emphasis>cn=views,cn=accounts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -12533,7 +12644,7 @@ msgstr "" "värdet av <quote>ipa_domain</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -12542,12 +12653,12 @@ msgstr "" "till bas-DN:en för att användas när LDAP-operationer utförs." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -12556,7 +12667,7 @@ msgstr "" "för Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -12565,7 +12676,7 @@ msgstr "" "”none”." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -12573,12 +12684,12 @@ msgstr "" "katalog)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_deskprofile_refresh (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -12589,17 +12700,17 @@ msgstr "" "görs många begäranden om skrivbordsprofiler under en kort tid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "Standard: 5 (sekunder)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "ipa_deskprofile_request_interval (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." @@ -12608,17 +12719,17 @@ msgstr "" "den senaste förfrågan inte returnerade någon regel." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "Standard: 60 (minuter)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -12629,12 +12740,12 @@ msgstr "" "begäranden om åtkomstkontroll under en kort tid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (heltal)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -12645,12 +12756,12 @@ msgstr "" "många begäranden om användarinloggningar under en kort tid." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." @@ -12659,7 +12770,7 @@ msgstr "" "och markerar om SSSD kör på en IPA-server eller inte." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." @@ -12668,7 +12779,7 @@ msgstr "" "domäner direkt medan på en klient kommer den att fråga en IPA-server." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." @@ -12677,7 +12788,7 @@ msgstr "" "kör på en IPA-server." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -12688,7 +12799,7 @@ msgstr "" "installeraren, så det behövs inga manuella ändringar." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." @@ -12697,52 +12808,52 @@ msgstr "" "skriva korta namn på användare från betrodda domäner." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (sträng)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "Automonteringsplatsen denna IPA-klient kommer använda" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "Standard: platsen som heter ”default”" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "VYER OCH ÅSIDOSÄTTANDEN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "ipa_view_class (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "Objektklass för vybehållaren." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "Standard: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "ipa_view_name (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "Namn på attributet som har namnet på vyn." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -12750,27 +12861,27 @@ msgid "Default: cn" msgstr "Standard: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "ipa_override_object_class (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "Objektklass för åsidosättande objekt." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "Standard: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." @@ -12779,17 +12890,17 @@ msgstr "" "fjärrdomän." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "Standard: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -12799,57 +12910,57 @@ msgstr "" "eller en grupp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "Användaråsidosättanden kan innehålla attribut givna av" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "Standard: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (sträng)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -12859,27 +12970,27 @@ msgstr "" "grupp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "Gruppåsidosättanden kan innehålla attribut givna av" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "Standard: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -12894,12 +13005,12 @@ msgstr "" "standardvärden. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "UNDERDOMÄNSLEVERANTÖR" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -12908,7 +13019,7 @@ msgstr "" "explicit eller implicit." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -12919,7 +13030,7 @@ msgstr "" "av underdomäner skickas till IPA-servern om nödvändigt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -12938,12 +13049,12 @@ msgstr "" "blir uppkopplad aktiveras underdomänsleverantören igen." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "KONFIGURATION AV BETRODDA DOMÄNER" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -12953,7 +13064,7 @@ msgstr "" "ad_server = dc.ad.domain.com\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -12968,7 +13079,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." @@ -12977,7 +13088,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." @@ -12986,61 +13097,61 @@ msgstr "" "på huruvida man konfigurerar SSSD på en IPA-server eller en IPA-klient." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "ALTERNATIV ATT STÄLLA IN PÅ IPA-MASTRAR" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" "Följande alternativ kan sättas i ett underdomänsavsnitt på en IPA-master:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "ALTERNATIV ATT STÄLLA IN PÅ IPA-KLIENTER" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" "Följande alternativ kan sättas i ett underdomänsavsnitt på en IPA-klient:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." @@ -13049,7 +13160,7 @@ msgstr "" "quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -13072,7 +13183,7 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -13083,7 +13194,7 @@ msgstr "" "exempel visar endast alternativ som är specifika för leverantören ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -14588,6 +14699,13 @@ msgstr "ad_allow_remote_domain_local_groups (boolean)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +#, fuzzy +#| msgid "This option can also be set per-domain." +msgid "This option is deprecated." +msgstr "Detta alternativ kan även sättas per domän." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -14604,7 +14722,7 @@ msgstr "" "Linuxklienter lades detta alternativ till." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -14629,7 +14747,7 @@ msgstr "" "också de domänlokala fjärrgrupperna saknas." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -14649,7 +14767,7 @@ msgstr "" "endast finns med en djupare nästningsnivå." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -14666,12 +14784,12 @@ msgstr "" "på annat sätt med alternativet <quote>dyndns_iface</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "Standard: 3600 (sekunder)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -14680,7 +14798,7 @@ msgstr "" "förbindelsen" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -14695,7 +14813,7 @@ msgstr "" "mindre än 60 ges kommer parametern endast anta det lägsta värdet." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -14706,7 +14824,7 @@ msgstr "" "exempel visar endast alternativ som är specifika för leverantören AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -14730,7 +14848,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -14742,7 +14860,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -14753,7 +14871,7 @@ msgstr "" "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -14768,7 +14886,7 @@ msgstr "" "krypteringsdetaljer) manuellt." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -21548,9 +21666,14 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 +#, fuzzy +#| msgid "" +#| "The SSSD ID-mapping algorithm takes a range of available UIDs and divides " +#| "it into equally-sized component sections - called \"slices\"-. Each slice " +#| "represents the space available to an Active Directory domain." msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" "SSSD ID-översättningsalgoritmen tar ett intervall av tillgängliga AID:er och " @@ -21743,11 +21866,18 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:185 +#, fuzzy +#| msgid "" +#| "For example, if your most recently-added Active Directory user has " +#| "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " +#| "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size " +#| "is equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 " +#| "+ 1)." msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" "Till exempel, om den senaste tillagda Active Directory-användaren har " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, måste " @@ -22973,6 +23103,13 @@ msgstr "" "Anger om värdens och användarens huvudman skall göras kanonisk. Denna " "funktion är tillgänglig med MIT Kerberos 1.7 och senare versioner." +#~ msgid "" +#~ "The RULE_NAME for the <quote>files</quote> provider which tries to find a " +#~ "user with the same name." +#~ msgstr "" +#~ "REGELNAMNet för leverantören <quote>files</quote> som försöker hitta en " +#~ "användare med samma namn." + #~ msgid "reconnection_retries (integer)" #~ msgstr "reconnection_retries (heltal)" diff --git a/src/man/po/tg.po b/src/man/po/tg.po index 7a7092cd040..de138aff06e 100644 --- a/src/man/po/tg.po +++ b/src/man/po/tg.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2014-12-15 12:10-0500\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Tajik (http://www.transifex.com/projects/p/sssd/language/" @@ -116,17 +116,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -134,7 +134,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -143,7 +143,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -156,39 +156,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -197,62 +197,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Пешфарз: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Пешфарз: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -262,15 +262,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -282,17 +282,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -300,33 +300,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Пешфарз: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -335,7 +335,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -344,7 +344,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -352,12 +352,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -368,19 +368,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -388,12 +388,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -401,70 +401,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -472,7 +472,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -480,52 +480,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -533,14 +533,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -550,17 +550,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -570,7 +577,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -583,8 +590,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -592,12 +599,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -607,7 +614,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -616,22 +623,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -639,12 +646,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -652,61 +659,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -714,12 +721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -727,24 +734,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -753,12 +760,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -767,7 +774,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -775,58 +782,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -837,7 +844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -855,18 +862,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -874,12 +881,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -887,24 +894,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -912,7 +919,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -920,7 +927,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -931,12 +938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -945,22 +952,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -970,17 +977,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -990,19 +997,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 5400" msgid "Default: 60, KCM: 300" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1013,14 +1020,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1028,44 +1035,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1074,62 +1081,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 3" msgid "Default: 3600" msgstr "Пешфарз: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 3" msgid "Default: 30" msgstr "Пешфарз: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1141,58 +1148,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Пешфарз: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1200,7 +1207,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1210,7 +1217,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1219,17 +1226,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Пешфарз: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1237,17 +1244,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Пешфарз: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1255,17 +1262,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1274,7 +1281,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1283,41 +1290,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Пешфарз: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1325,23 +1332,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1349,47 +1356,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1397,113 +1404,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Пешфарз: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1511,25 +1518,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1537,19 +1544,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Пешфарз: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1557,12 +1564,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1571,12 +1578,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1587,45 +1594,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 #, fuzzy #| msgid "Default: true" msgid "Default: <quote>*</quote>" msgstr "Пешфарз: true" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1634,60 +1641,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Пешфарз: 0 (Номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1695,59 +1702,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Пешфарз: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Пешфарз: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1756,51 +1763,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1811,23 +1818,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1835,7 +1842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1844,17 +1851,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1862,32 +1869,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Пешфарз: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1897,75 +1904,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1973,19 +1980,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1993,46 +2000,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2040,34 +2047,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2077,7 +2084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2085,59 +2092,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2145,7 +2152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2157,63 +2164,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2221,12 +2228,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2237,7 +2244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2245,7 +2252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2253,7 +2260,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2262,47 +2269,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2311,30 +2318,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2342,7 +2349,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2350,22 +2357,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2373,19 +2380,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2393,7 +2400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2408,7 +2415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2416,45 +2423,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2462,7 +2469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2470,17 +2477,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2491,24 +2498,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2518,22 +2525,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2541,51 +2548,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2594,12 +2601,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2609,7 +2616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2617,7 +2624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2626,38 +2633,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2668,7 +2675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2679,24 +2686,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2704,19 +2711,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2725,7 +2732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2734,24 +2741,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2762,24 +2769,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2787,24 +2794,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2816,7 +2823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2827,60 +2834,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2890,66 +2897,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2957,17 +2964,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2975,7 +2982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2984,57 +2991,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3044,12 +3051,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3058,14 +3065,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3074,38 +3081,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3114,24 +3121,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3140,36 +3147,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Пешфарз: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3183,14 +3190,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3199,14 +3206,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3214,32 +3221,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3248,19 +3255,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3271,139 +3278,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Пешфарз: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3412,17 +3419,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3434,18 +3441,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3456,7 +3463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3465,12 +3472,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3478,19 +3485,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3499,17 +3506,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Пешфарз: 0 (номаҳдуд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3518,28 +3525,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3547,7 +3554,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3555,8 +3562,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3564,8 +3571,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3573,19 +3580,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3594,7 +3601,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3602,24 +3609,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3631,7 +3638,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3639,30 +3646,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3670,7 +3677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3678,30 +3685,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3709,19 +3716,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3730,7 +3737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3738,29 +3745,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3768,7 +3775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3776,35 +3783,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3812,32 +3819,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3848,7 +3855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3857,12 +3864,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3870,7 +3877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3878,31 +3885,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3910,7 +3917,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3919,17 +3926,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3937,36 +3944,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3974,7 +3981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3982,7 +3989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3990,24 +3997,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4015,31 +4022,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4047,7 +4054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4056,12 +4063,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4071,24 +4078,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4097,19 +4104,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4119,89 +4126,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4209,17 +4216,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Пешфарз: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4228,12 +4235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4241,7 +4248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4249,34 +4256,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Пешфарз: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4284,59 +4291,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "Пешфарз: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4344,31 +4351,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4376,104 +4383,104 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4481,27 +4488,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4511,34 +4518,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4547,19 +4554,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4567,12 +4574,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4584,7 +4591,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4596,7 +4603,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4604,42 +4611,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4648,7 +4655,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4659,7 +4666,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4667,38 +4674,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: 3" msgid "Default: match" msgstr "Пешфарз: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4707,24 +4714,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4734,14 +4741,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4749,21 +4756,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4771,7 +4778,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4780,7 +4787,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4789,7 +4796,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4797,17 +4804,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4815,12 +4822,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4828,12 +4835,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4841,12 +4848,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4855,12 +4862,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4868,19 +4875,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4897,7 +4904,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4905,17 +4912,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4924,7 +4931,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4934,7 +4941,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4954,12 +4961,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4970,69 +4977,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5045,7 +5052,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5053,7 +5060,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5062,55 +5069,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5119,17 +5127,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5137,26 +5145,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5165,17 +5173,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5185,7 +5193,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5194,59 +5202,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5255,7 +5263,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5264,7 +5272,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5275,17 +5283,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5293,46 +5301,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5341,7 +5349,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5349,12 +5357,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5383,7 +5391,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5392,7 +5400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5400,7 +5408,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5411,7 +5419,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5422,7 +5430,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5692,8 +5700,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5702,74 +5719,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "парол" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "Пешфарз: парол" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5778,24 +5795,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5803,7 +5820,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5812,12 +5829,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5825,7 +5842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5835,7 +5852,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5845,67 +5862,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "Пешфарз: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5913,7 +5930,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5921,12 +5938,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5934,12 +5951,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5950,12 +5967,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5964,12 +5981,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5978,7 +5995,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -5989,36 +6006,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6026,29 +6043,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6056,14 +6073,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6071,17 +6088,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6091,12 +6108,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6104,17 +6121,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6122,12 +6139,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6135,7 +6152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6146,7 +6163,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6155,7 +6172,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6163,12 +6180,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6176,7 +6193,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6184,26 +6201,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6211,7 +6228,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6219,7 +6236,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6227,41 +6244,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6271,32 +6288,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6304,12 +6321,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6317,12 +6334,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6330,17 +6347,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6351,24 +6368,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6379,12 +6396,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6397,7 +6414,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6409,17 +6426,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6427,49 +6444,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Пешфарз: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6477,28 +6494,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6510,7 +6527,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6518,7 +6535,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6526,39 +6543,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6568,7 +6585,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6576,26 +6593,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6604,7 +6621,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6612,31 +6629,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6649,51 +6666,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6702,12 +6719,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6723,12 +6740,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Намуна:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6737,14 +6754,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6753,24 +6770,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6778,19 +6795,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6799,7 +6816,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6807,7 +6824,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6816,7 +6833,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6824,22 +6841,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6849,14 +6866,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6869,12 +6886,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6884,31 +6901,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6916,50 +6933,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6968,74 +6985,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7046,7 +7063,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7054,58 +7071,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7113,12 +7130,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7141,12 +7158,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7154,43 +7171,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7198,14 +7215,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7215,19 +7232,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7235,7 +7252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7243,106 +7260,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7351,59 +7368,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7412,22 +7429,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7436,14 +7453,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "НАМУНА" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7451,7 +7468,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7464,27 +7481,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7500,13 +7517,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЭЗОҲҲО" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9745,7 +9762,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9760,7 +9777,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9775,12 +9792,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9801,12 +9818,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9830,17 +9847,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9848,17 +9865,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9866,7 +9883,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9893,7 +9910,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9906,12 +9923,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9925,7 +9942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9937,60 +9954,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -9998,177 +10032,233 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +msgid "dyndns_dot_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10176,34 +10266,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10211,12 +10301,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10224,33 +10314,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10258,59 +10348,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10318,128 +10408,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10449,19 +10539,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10469,7 +10559,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10481,12 +10571,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10494,7 +10584,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10504,80 +10594,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10591,7 +10681,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10599,7 +10689,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11725,6 +11815,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11735,7 +11830,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11750,7 +11845,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11762,7 +11857,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11773,19 +11868,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11795,7 +11890,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11803,7 +11898,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11818,7 +11913,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11827,7 +11922,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11835,7 +11930,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11845,7 +11940,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17406,7 +17501,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17551,7 +17646,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> diff --git a/src/man/po/uk.po b/src/man/po/uk.po index 0311507f1db..08642c84c78 100644 --- a/src/man/po/uk.po +++ b/src/man/po/uk.po @@ -15,7 +15,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2024-06-27 05:36+0000\n" "Last-Translator: Yuri Chornoivan <yurchor@ukr.net>\n" "Language-Team: Ukrainian <https://translate.fedoraproject.org/projects/sssd/" @@ -142,21 +142,26 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 +#, fuzzy +#| msgid "" +#| "<filename>sssd.conf</filename> must be a regular file that is owned, " +#| "readable, and writeable by the same user as configured to run SSSD " +#| "service." msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" "<filename>sssd.conf</filename> має бути звичайним файлом, який є власністю, " "придатним до читання і запису для того самого користувача, від імені якого " "буде запущено службу SSSD за налаштуваннями." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "ФРАГМЕНТИ НАЛАШТУВАНЬ З КАТАЛОГУ ВКЛЮЧЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -166,7 +171,7 @@ msgstr "" "налаштувань з каталогу <filename>conf.d</filename>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -179,7 +184,7 @@ msgstr "" "filename> для налаштовування SSSD." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -200,7 +205,7 @@ msgstr "" "пріоритетності (більше число означає вищу пріоритетність)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." @@ -209,34 +214,34 @@ msgstr "" "доступу із файлом <filename>sssd.conf</filename>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "ЗАГАЛЬНІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" "Нижче наведено параметри, які можна використовувати у декількох розділах " "налаштувань." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "Параметри, які можна використовувати у всіх розділах" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "debug_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "debug (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -249,12 +254,12 @@ msgstr "" "буде використано варіант <replaceable>debug_level</replaceable>." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "debug_timestamps (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." @@ -264,23 +269,23 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "Типове значення: true" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "debug_microseconds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." @@ -290,27 +295,27 @@ msgstr "" "journald, цей параметр буде проігноровано." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "Типове значення: false" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "debug_backtrace_enabled (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "Увімкнути діагностичне зворотне трасування." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -326,7 +331,7 @@ msgstr "" "помилки рівнів до 2)." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." @@ -335,8 +340,8 @@ msgstr "" "встановлення цього значення не впливає на інші типи журналювання)." #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -348,17 +353,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "Параметри які можна використовувати у розділах SERVICE та DOMAIN" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -370,33 +375,33 @@ msgstr "" "самостійно." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "Типове значення: 10" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "ОСОБЛИВІ РОЗДІЛИ" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "Розділ [sssd]" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "Параметри розділу" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "services" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -409,7 +414,7 @@ msgstr "" "допомогою сокетів або D-Bus.</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 #, fuzzy #| msgid "" #| "Supported services: nss, pam <phrase condition=\"with_sudo\">, sudo</" @@ -430,7 +435,7 @@ msgstr "" "condition=\"with_ifp\">, ifp</phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -441,12 +446,12 @@ msgstr "" "\"systemctl enable sssd-@service@.socket\". </phrase>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "domains" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -464,12 +469,12 @@ msgstr "" "використовувати символ «/»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "re_expression (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." @@ -478,7 +483,7 @@ msgstr "" "користувача і доменом на його частини." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -490,12 +495,12 @@ msgstr "" "ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "full_name_format (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -507,32 +512,32 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "%1$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "ім’я користувача" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "%2$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "назва домену у форматі, вказаному у файлі налаштувань SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "%3$s" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." @@ -541,7 +546,7 @@ msgstr "" "Directory, налаштованих та автоматично виявлених за зв’язками довіри IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -550,7 +555,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." @@ -559,12 +564,12 @@ msgstr "" "про ці рядки можна дізнатися з довідки до РОЗДІЛІВ ДОМЕНІВ." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "monitor_resolv_conf (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." @@ -573,12 +578,12 @@ msgstr "" "моменту, коли слід оновити дані вбудованого інструмента визначення DNS." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "try_inotify (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -589,7 +594,7 @@ msgstr "" "виконуватиметься опитування resolv.conf кожні п’ять секунд." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -599,7 +604,7 @@ msgstr "" "рідкісних випадках слід встановити для цього параметра значення «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." @@ -608,7 +613,7 @@ msgstr "" "інших платформах." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." @@ -618,12 +623,12 @@ msgstr "" "опитування файла." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "krb5_rcache_dir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." @@ -632,7 +637,7 @@ msgstr "" "Kerberos." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." @@ -642,7 +647,7 @@ msgstr "" "для кешу відтворення." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" @@ -651,12 +656,12 @@ msgstr "" "(__LIBKRB5_DEFAULTS__, якщо не вказано)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "user (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -667,7 +672,7 @@ msgstr "" "підтримуваним значенням є «&sssd_user_name;»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." @@ -676,7 +681,7 @@ msgstr "" "запущено від імені користувача, відмінного від root (бажаний спосіб)." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -692,17 +697,24 @@ msgstr "" "«&sssd_user_name;», або від імені «root»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "Типове значення: не встановлено, процес буде запущено від імені root" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "default_domain_suffix (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -718,7 +730,7 @@ msgstr "" "лише імені користувача без додавання до нього назви домену." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -742,8 +754,8 @@ msgstr "" "default_domain_suffix.</phrase>" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -751,12 +763,12 @@ msgid "Default: not set" msgstr "Типове значення: not set" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "override_space (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -771,7 +783,7 @@ msgstr "" "через типовий роздільник полів у оболонці." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -784,22 +796,22 @@ msgstr "" "але, загалом, результат пошуку буде невизначеним." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "Типове значення: не встановлено (пробіли не замінятимуться)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "certificate_verification (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "no_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -810,12 +822,12 @@ msgstr "" "у сертифікаті, є недоступними з клієнта." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "soft_ocsp" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -827,12 +839,12 @@ msgstr "" "недоступним." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "ocsp_dgst" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" @@ -841,39 +853,39 @@ msgstr "" "створення ідентифікатора сертифіката для запиту OCSP. Можливі значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "sha1" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "sha256" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "sha384" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "sha512" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" "Типове значення: sha1 (для уможливлення сумісності із відповідачем, який є " "сумісним із RFC5019)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "no_verification" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." @@ -882,12 +894,12 @@ msgstr "" "тестування." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "partial_chain" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -899,12 +911,12 @@ msgstr "" "бути не самопідписаним." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "ocsp_default_responder=URL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -915,12 +927,12 @@ msgstr "" "відповідача, наприклад http://example.com:80/ocsp." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "ocsp_default_responder_signing_cert=НАЗВА" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." @@ -929,12 +941,12 @@ msgstr "" "мають бути у файлі PEM, який вказано параметром pam_cert_db_path." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "crl_file=/ШЛЯХ/ДО/ФАЙЛА/CRL" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -947,12 +959,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "soft_crl" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -965,7 +977,7 @@ msgstr "" "автономному режимі, коли оновлення CRL є неможливим." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -976,26 +988,26 @@ msgstr "" "параметри: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" "Обробник параметрів повідомлятиме про невідомі параметри і просто " "ігноруватиме їх." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" "Типове значення: не встановлено, тобто перевірка сертифікатів нічим не " "обмежуватиметься" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "disable_netlink (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." @@ -1004,7 +1016,7 @@ msgstr "" "адресах, посилання та виконання певних дій." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" @@ -1013,17 +1025,17 @@ msgstr "" "можна вимкнути встановленням для цього параметра значення «true»" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "Типове значення: false (виявлення змін у netlink)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "enable_files_domain (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." @@ -1032,12 +1044,12 @@ msgstr "" "<quote>id_provider=files</quote> до усіх явним чином налаштованих доменів." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "domain_resolution_order" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -1054,7 +1066,7 @@ msgstr "" "відбуватиметься у випадковому порядку для кожного батьківського домену." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -1087,18 +1099,18 @@ msgstr "" "різних доменах можуть бути однаковими." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "Типове значення: не встановлено" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "implicit_pac_responder (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -1109,12 +1121,12 @@ msgstr "" "цього параметра значення «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "core_dumpable (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -1127,17 +1139,17 @@ msgstr "" "більше." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "passkey_verification (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "user_verification (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." @@ -1146,7 +1158,7 @@ msgstr "" "розпізнавання. Якщо увімкнено, програма завжди надсилатиме запит щодо PIN." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -1157,7 +1169,7 @@ msgstr "" "перезаписано сервером." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -1168,7 +1180,7 @@ msgstr "" "параметри: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -1184,12 +1196,12 @@ msgstr "" "профілів. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "РОЗДІЛИ СЛУЖБ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -1202,22 +1214,22 @@ msgstr "" "у розділі <quote>[nss]</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "Загальні параметри налаштування служб" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "Цими параметрами можна скористатися для налаштування будь-яких служб." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "fd_limit" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -1233,17 +1245,17 @@ msgstr "" "цього параметра і обмеженням \"hard\" у limits.conf." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "Типове значення: 8192 (або обмеження у limits.conf \"hard\")" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "client_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -1259,17 +1271,17 @@ msgstr "" "до 10 секунд." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 msgid "Default: 60, KCM: 300" msgstr "Типове значення: 60, KCM: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "offline_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1287,7 +1299,7 @@ msgstr "" "із мережею нове значення обчислюється за такою формулою:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" @@ -1296,7 +1308,7 @@ msgstr "" "offline_timeout_random_offset]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1307,7 +1319,7 @@ msgstr "" "є 30. Кінцевий результат є кількістю секунд до наступної повторної спроби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." @@ -1316,18 +1328,18 @@ msgstr "" "offline_timeout_max (окрім випадкової частини)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "Типове значення: 60" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "offline_timeout_max (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." @@ -1336,12 +1348,12 @@ msgstr "" "з'єднання із мережею після неуспішних спроби відновити з'єднання." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "Значення 0 вимикає збільшення проміжку часу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." @@ -1350,7 +1362,7 @@ msgstr "" "параметра offline_timeout." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1364,7 +1376,7 @@ msgstr "" "offline_timeout_max, яке є принаймні учетверо більшим за offline_timeout." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." @@ -1373,17 +1385,17 @@ msgstr "" "стане перевизначення значення offline_timeout, тому не варто цього робити." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 msgid "Default: 3600" msgstr "Типове значення: 3600" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "offline_timeout_random_offset (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" @@ -1392,7 +1404,7 @@ msgstr "" "обробників із вказаними інтервалами часу:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" @@ -1402,27 +1414,27 @@ msgstr "" "числом у такому діапазоні:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "[0 - offline_timeout_random_offset]" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "Значення 0 призводить до вимикання додавання випадкового зсуву." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 msgid "Default: 30" msgstr "Типове значення: 30" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "responder_idle_timeout" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1441,18 +1453,18 @@ msgstr "" "і якщо служби активуються за допомогою або сокетів або D-Bus." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "Типове значення: 300" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "cache_first" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." @@ -1461,12 +1473,12 @@ msgstr "" "запису до модулів засобів надання даних." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "Параметри налаштування NSS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" @@ -1474,12 +1486,12 @@ msgstr "" "Switch (NSS або перемикання служби визначення назв)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "enum_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" @@ -1488,17 +1500,17 @@ msgstr "" "кеші nss_sss у секундах" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "Типове значення: 120" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "entry_cache_nowait_percentage (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1509,7 +1521,7 @@ msgstr "" "entry_cache_timeout для домену період часу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1524,7 +1536,7 @@ msgstr "" "розблокування після оновлення кешу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1538,17 +1550,17 @@ msgstr "" "можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "Типове значення: 50" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "entry_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1559,17 +1571,17 @@ msgstr "" "даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "Типове значення: 15" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "local_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1581,17 +1593,17 @@ msgstr "" "цю можливість." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "Типове значення: 14400 (4 години)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "filter_users, filter_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1606,7 +1618,7 @@ msgstr "" "реєстраційного запису користувача (UPN)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1620,17 +1632,17 @@ msgstr "" "відфільтрованої групи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "Типове значення: root" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "filter_users_in_groups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" @@ -1638,12 +1650,12 @@ msgstr "" "встановіть для цього параметра значення «false»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "fallback_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." @@ -1652,7 +1664,7 @@ msgstr "" "каталог не вказано явним чином засобом надання даних домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" @@ -1660,7 +1672,7 @@ msgstr "" "для параметра override_homedir." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1670,25 +1682,25 @@ msgstr "" " " #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" "Типове значення: не встановлено (без замін для невстановлених домашніх " "каталогів)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "override_shell (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1700,19 +1712,19 @@ msgstr "" "або для кожного з доменів окремо." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" "Типове значення: не встановлено (SSSD використовуватиме значення, отримане " "від LDAP)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "allowed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" @@ -1720,13 +1732,13 @@ msgstr "" "визначення оболонки є таким:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" "1. Якщо оболонку вказано у <quote>/etc/shells</quote>, її буде використано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." @@ -1736,7 +1748,7 @@ msgstr "" "shell_fallback." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." @@ -1745,14 +1757,14 @@ msgstr "" "<quote>/etc/shells</quote>, буде використано оболонку nologin." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" "Для визначення будь-якої командної оболонки можна скористатися шаблоном " "заміни (*)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1764,12 +1776,12 @@ msgstr "" "справою." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "Порожній рядок оболонки буде передано без обробки до libc." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." @@ -1778,29 +1790,29 @@ msgstr "" "тобто у разі встановлення нової оболонки слід перезапустити SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" "Типове значення: не встановлено. Автоматично використовується оболонка " "користувача." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "vetoed_shells (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "Замінити всі записи цих оболонок на shell_fallback" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "shell_fallback (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" @@ -1808,17 +1820,17 @@ msgstr "" "системі не встановлено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "Типове значення: /bin/sh" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "default_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." @@ -1828,7 +1840,7 @@ msgstr "" "або на загальному рівні у розділі [nss], або окремо для кожного з доменів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" @@ -1838,12 +1850,12 @@ msgstr "" "зазвичай /bin/sh)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "get_domains_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." @@ -1852,12 +1864,12 @@ msgstr "" "чинним." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "memcache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." @@ -1867,7 +1879,7 @@ msgstr "" "пам'яті." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." @@ -1876,8 +1888,8 @@ msgstr "" "варто користуватися лише для тестування." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." @@ -1887,12 +1899,12 @@ msgstr "" "пам’яті." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "memcache_size_passwd (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1902,13 +1914,13 @@ msgstr "" "для запитів passwd. Встановлення розміру 0 вимкне кеш у пам'яті для passwd." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "Типове значення: 8" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." @@ -1917,12 +1929,12 @@ msgstr "" "значно погіршити швидкодію SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "memcache_size_group (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1932,19 +1944,19 @@ msgstr "" "для запитів group. Встановлення розміру 0 вимкне кеш у пам'яті для group." #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "Типове значення: 6" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "memcache_size_initgroups (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1955,12 +1967,12 @@ msgstr "" "initgroups." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "memcache_size_sid (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1973,12 +1985,12 @@ msgstr "" "0 вимкне кеш у пам'яті для SID." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "user_attributes (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1995,7 +2007,7 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше), але без типових значень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." @@ -2004,19 +2016,19 @@ msgstr "" "на те, чи не встановлено його для відповідача NSS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" "Типове значення: не встановлено, резервне значення визначається за " "параметром InfoPipe" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "pwfield (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." @@ -2025,12 +2037,12 @@ msgstr "" "груп, для поля <quote>password</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "Типове значення: <quote>*</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." @@ -2040,7 +2052,7 @@ msgstr "" "розділі [nss]." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -2053,12 +2065,12 @@ msgstr "" "shadowutils)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "Параметри налаштування PAM" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." @@ -2067,12 +2079,12 @@ msgstr "" "Authentication Module (PAM або блокового модуля розпізнавання)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "offline_credentials_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." @@ -2082,17 +2094,17 @@ msgstr "" "входу до системи)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "offline_failed_login_attempts (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." @@ -2101,12 +2113,12 @@ msgstr "" "дозволену кількість спроб входу з визначенням помилкового пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "offline_failed_login_delay (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." @@ -2116,7 +2128,7 @@ msgstr "" "системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -2128,17 +2140,17 @@ msgstr "" "увімкнути можливість автономного розпізнавання." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "Типове значення: 5" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "pam_verbosity (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." @@ -2147,43 +2159,43 @@ msgstr "" "розпізнавання. Чим більшим є значення, тим більше повідомлень буде показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "У поточній версії sssd передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "<emphasis>0</emphasis>: не показувати жодних повідомлень" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "<emphasis>1</emphasis>: показувати лише важливі повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "<emphasis>2</emphasis>: показувати всі інформаційні повідомлення" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" "<emphasis>3</emphasis>: показувати всі повідомлення та діагностичні дані" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "Типове значення: 1" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "pam_response_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -2197,7 +2209,7 @@ msgstr "" "встановлювати за допомогою pam_sss." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." @@ -2207,37 +2219,37 @@ msgstr "" "повідомлень." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "ENV" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "Не надсилати жодних змінних середовища до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "ENV:назва_змінної" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "Не надсилати змінної середовища назва_змінної до жодної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "ENV:назва_змінної:служба" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "Не надсилати змінної середовища назва_змінної до вказаної служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -2246,7 +2258,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -2264,23 +2276,23 @@ msgstr "" "Змішування стилів вважається помилкою." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "Типове значення: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "Приклад: -ENV:KRB5CCNAME:sudo-i вилучає фільтр зі списку типових" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "pam_id_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -2291,7 +2303,7 @@ msgstr "" "що розпізнавання виконується на основі найсвіжіших даних." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -2305,18 +2317,18 @@ msgstr "" "надання даних профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "pam_pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" "Показати попередження за вказану кількість днів перед завершенням дії пароля." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -2327,7 +2339,7 @@ msgstr "" "попередження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." @@ -2337,7 +2349,7 @@ msgstr "" "буде автоматично показано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." @@ -2346,18 +2358,18 @@ msgstr "" "<emphasis>pwd_expiration_warning</emphasis> для окремого домену." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "Типове значення: 0" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "pam_trusted_users (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -2373,13 +2385,13 @@ msgstr "" "під час запуску системи." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" "Типове значення: типово усі користувачі вважаються надійними (довіреними)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." @@ -2388,12 +2400,12 @@ msgstr "" "відповідача PAM, навіть якщо користувача немає у списку pam_trusted_users." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "pam_public_domains (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." @@ -2402,12 +2414,12 @@ msgstr "" "отримувати навіть ненадійні користувачі." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "Визначено два спеціальних значення параметра pam_public_domains:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" @@ -2415,7 +2427,7 @@ msgstr "" "PAM.)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" @@ -2424,19 +2436,19 @@ msgstr "" "відповідачі.)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "pam_account_expired_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." @@ -2445,7 +2457,7 @@ msgstr "" "замінити типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." @@ -2455,7 +2467,7 @@ msgstr "" "(показувати усі повідомлення і діагностичні дані)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -2465,12 +2477,12 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "pam_account_locked_message (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." @@ -2479,7 +2491,7 @@ msgstr "" "типове повідомлення «Доступ заборонено» («Permission denied»)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -2489,46 +2501,46 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "pam_passkey_auth (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "Увімкнути розпізнавання на основі пристрою ключа." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "Типове значення: True" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "passkey_debug_libfido2 (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "Увімкнути діагностичні повідомлення бібліотеки libfido2." #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "Типове значення: False" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "pam_cert_auth (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2539,22 +2551,22 @@ msgstr "" "розпізнавання, типово таку сертифікацію вимкнено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "pam_cert_db_path (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "Шлях до бази даних сертифікатів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "Типове значення:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" @@ -2563,12 +2575,12 @@ msgstr "" "служб сертифікації у форматі PEM)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "pam_cert_verification (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2583,7 +2595,7 @@ msgstr "" "<quote>certificate_verification</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2593,7 +2605,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." @@ -2603,24 +2615,24 @@ msgstr "" "<quote>[sssd]</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "p11_child_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" "Час у секундах, протягом якого pam_sss очікуватиме на завершення роботи " "p11_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "passkey_child_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" @@ -2628,12 +2640,12 @@ msgstr "" "роботи passkey_child." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "pam_app_services (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" @@ -2642,12 +2654,12 @@ msgstr "" "типу <quote>application</quote>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "pam_p11_allowed_services (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." @@ -2656,7 +2668,7 @@ msgstr "" "використання смарткарток." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2666,7 +2678,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2685,64 +2697,64 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" "Типове значення: типовий набір назв служб PAM складається з таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "login" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "su" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "su-l" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "gdm-smartcard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "gdm-password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "kdm" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "sudo" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "sudo-i" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "gnome-screensaver" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "p11_wait_for_card_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2753,12 +2765,12 @@ msgstr "" "має чекати на вставлення смарткартки." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "p11_uri (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2777,7 +2789,7 @@ msgstr "" "слід використовувати вказаний зчитувач." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2787,7 +2799,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2797,7 +2809,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2811,17 +2823,17 @@ msgstr "" "який покаже і адреси PKCS#11." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "pam_initgroups_scheme" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "always" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" @@ -2829,12 +2841,12 @@ msgstr "" "буде все одно застосовано" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "no_session" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" @@ -2843,12 +2855,12 @@ msgstr "" "тобто якщо користувач не працює у системі" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "never" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" @@ -2857,7 +2869,7 @@ msgstr "" "аж доки вони не застаріють" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2870,17 +2882,17 @@ msgstr "" "таких значень: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "Типове значення: no_session" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "pam_gssapi_services" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." @@ -2889,7 +2901,7 @@ msgstr "" "розпізнавання за GSSAPI за допомогою модуля pam_sss_gss.so." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" @@ -2897,7 +2909,7 @@ msgstr "" "значення <quote>-</quote> (дефіс)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2909,7 +2921,7 @@ msgstr "" "вищий пріоритет за значення у розділі домену." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2919,22 +2931,22 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "Приклад: <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "Типове значення: - (розпізнавання за GSSAPI вимкнено)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "pam_gssapi_check_upn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2946,7 +2958,7 @@ msgstr "" "вважатиметься неуспішним, якщо перевірку не буде пройдено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." @@ -2955,12 +2967,12 @@ msgstr "" "зможуть отримати бажаний квиток служби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "pam_gssapi_indicators_map" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2971,7 +2983,7 @@ msgstr "" "відокремлених комами індикаторів розпізнавання." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2996,7 +3008,7 @@ msgstr "" "служби PAM є порожнім, перевірка не закриватиме доступ для жодного запису." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -3007,7 +3019,7 @@ msgstr "" "вимкнути перевірку для певної служби PAM, додайте <quote>служба:-</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" @@ -3016,7 +3028,7 @@ msgstr "" "індикаторів розпізнавання:" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." @@ -3025,7 +3037,7 @@ msgstr "" "зберігаються у файлах або на смарткартках." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." @@ -3034,12 +3046,12 @@ msgstr "" "розпізнавання у обгортці каналу FAST." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "radius — попереднє розпізнавання за допомогою сервера RADIUS." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." @@ -3048,14 +3060,14 @@ msgstr "" "розпізнавання (2FA або одноразовий пароль, OTP) в IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" "idp — попереднє розпізнавання за допомогою зовнішнього надавача даних " "профілів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -3065,7 +3077,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -3077,19 +3089,19 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" "Типове значення: не встановлено (немає потреби у використанні індикаторів " "розпізнавання)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "Параметри налаштування SUDO" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -3107,12 +3119,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "sudo_timed (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." @@ -3121,12 +3133,12 @@ msgstr "" "призначені для визначення часових обмежень для записів sudoers." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "sudo_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -3142,22 +3154,22 @@ msgstr "" "sudo IPA та групових пошуків команд." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "Параметри налаштування AUTOFS" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "Цими параметрами можна скористатися для налаштування служби autofs." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "autofs_negative_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -3168,22 +3180,22 @@ msgstr "" "базі даних, зокрема неіснуючих) перед повторним запитом до сервера обробки." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "Параметри налаштувань SSH" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "Цими параметрами можна скористатися для налаштування служби SSH." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "ssh_hash_known_hosts (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." @@ -3191,12 +3203,12 @@ msgstr "" "Чи слід хешувати назви та адреси вузлів у керованому файлі known_hosts." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "ssh_known_hosts_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." @@ -3205,17 +3217,17 @@ msgstr "" "файлі known_hosts після надсилання запиту щодо ключів вузла." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "Типове значення: 180" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "ssh_use_certificate_keys (булеве значення)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -3229,12 +3241,12 @@ msgstr "" "refentrytitle> <manvolnum>1</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "ssh_use_certificate_matching_rules (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -3250,7 +3262,7 @@ msgstr "" "відокремлених комами. Усі інші правила буде проігноровано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -3262,7 +3274,7 @@ msgstr "" "сертифікатів." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -3275,7 +3287,7 @@ msgstr "" "розпізнавання за сертифікатом." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." @@ -3285,7 +3297,7 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" @@ -3294,12 +3306,12 @@ msgstr "" "використано усі знайдені правила або типове правило" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "ca_db (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." @@ -3308,12 +3320,12 @@ msgstr "" "перевірки сертифікатів користувачів до отримання з них відкритих ключів ssh." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "Параметри налаштування відповідача PAC" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -3331,7 +3343,7 @@ msgstr "" "декодовано і визначено, виконуються деякі з таких дій:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -3349,7 +3361,7 @@ msgstr "" "параметра default_shell." #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." @@ -3358,18 +3370,18 @@ msgstr "" "додано до цих груп." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" "Цими параметрами можна скористатися для налаштовування відповідача PAC." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "allowed_uids (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -3380,7 +3392,7 @@ msgstr "" "іменами користувачів визначатимуться під час запуску." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" @@ -3389,14 +3401,14 @@ msgstr "" "root і користувачі служб SSSD)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" "Типове значення: 0 (доступ до відповідача PAC має лише адміністративний " "користувач (root))" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -3410,7 +3422,7 @@ msgstr "" "відповідні записи явно." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -3424,12 +3436,12 @@ msgstr "" "запис 0." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "pac_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." @@ -3438,12 +3450,12 @@ msgstr "" "використовувати для визначення членства користувача у групі." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "pac_check (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -3460,12 +3472,12 @@ msgstr "" "krb5_validate встановлено значення «False», перевірки PAC буде пропущено." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "no_check" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." @@ -3474,12 +3486,12 @@ msgstr "" "виконано не буде." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "pac_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -3490,12 +3502,12 @@ msgstr "" "зазнає невдачі." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "check_upn" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." @@ -3504,12 +3516,12 @@ msgstr "" "користувача (UPN)." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "check_upn_allow_missing" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -3529,7 +3541,7 @@ msgstr "" "потреби." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -3546,23 +3558,23 @@ msgstr "" "призведе до пропускання перевірки, і повідомлення зникне з журналу." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "upn_dns_info_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" "PAC має містити буфер UPN-DNS-INFO; неявним чином встановлює «check_upn»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "check_upn_dns_info_ex" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." @@ -3571,12 +3583,12 @@ msgstr "" "узгодженими дані у розширенні." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "upn_dns_info_ex_present" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." @@ -3585,7 +3597,7 @@ msgstr "" "«check_upn_dns_info_ex», «upn_dns_info_present» і «check_upn»." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -3594,7 +3606,7 @@ msgstr "" "відокремлених комами значень: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" @@ -3603,12 +3615,12 @@ msgstr "" "check_upn_allow_missing, check_upn_dns_info_ex»)" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "Параметри налаштовування запису сеансів" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -3623,32 +3635,32 @@ msgstr "" "session-recording</refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "Цими параметрами можна скористатися для налаштовування запису сеансів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "scope (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "\"none\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "Користувачі не записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "\"some\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." @@ -3657,17 +3669,17 @@ msgstr "" "<replaceable>користувачі</replaceable> і <replaceable>групи</replaceable>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "\"all\"" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "Усі користувачі записуються." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -3676,17 +3688,17 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "Типове значення: none" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "users (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -3698,17 +3710,17 @@ msgstr "" "тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "Типове значення: порожнє. Не відповідає жодному користувачу." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "groups (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -3720,7 +3732,7 @@ msgstr "" "символів тощо." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -3733,17 +3745,17 @@ msgstr "" "належить користувач." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "Типове значення: порожнє. Не відповідає жодній групі." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "exclude_users (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." @@ -3752,17 +3764,17 @@ msgstr "" "записування. Може бути застосовано лише разом із «scope=all»." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "Типове значення: порожнє. Не виключати жодного користувача." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "exclude_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." @@ -3771,23 +3783,23 @@ msgstr "" "із записування. Може бути застосовано лише разом із «scope=all»." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "Типове значення: порожнє. Не виключати жодної групи." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "РОЗДІЛИ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "enabled" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3802,12 +3814,12 @@ msgstr "" "параметрі доменів у розділі <quote>[sssd]</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "domain_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3820,7 +3832,7 @@ msgstr "" "з доменів POSIX." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." @@ -3829,7 +3841,7 @@ msgstr "" "<quote>application</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3841,7 +3853,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) і відповідача PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." @@ -3850,7 +3862,7 @@ msgstr "" "application з <quote>id_provider=ldap</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." @@ -3859,17 +3871,17 @@ msgstr "" "ласка, ознайомтеся із розділом <quote>Домени програм</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "Типове значення: posix" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "min_id,max_id (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." @@ -3878,7 +3890,7 @@ msgstr "" "відповідає цим обмеженням, його буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3891,7 +3903,7 @@ msgstr "" "основної групи і належать діапазону, буде виведено у звичайному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." @@ -3900,17 +3912,17 @@ msgstr "" "лише повернення записів за назвою або ідентифікатором." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "Типові значення: 1 для min_id, 0 (без обмежень) для max_id" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "enumerate (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3923,22 +3935,22 @@ msgstr "" "мати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "TRUE = користувачі і групи нумеруються" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "FALSE = не використовувати нумерацію для цього домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "Типове значення: FALSE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." @@ -3947,7 +3959,7 @@ msgstr "" "користувачів і груп із віддаленого сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." @@ -3956,7 +3968,7 @@ msgstr "" "id_provider = proxy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3979,7 +3991,7 @@ msgstr "" "<quote>sssd_be</quote> або навіть перезапуску усього засобу стеження." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." @@ -3989,7 +4001,7 @@ msgstr "" "завершено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -4003,7 +4015,7 @@ msgstr "" "відповідного використаного засобу обробки ідентифікаторів (id_provider)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." @@ -4012,7 +4024,7 @@ msgstr "" "об’ємних середовищах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -4024,32 +4036,32 @@ msgstr "" "використано у цій конфігурації." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "subdomain_enumerate (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "all" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "Усі виявлені надійні домени буде пронумеровано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "none" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "Нумерація виявлених надійних доменів не виконуватиметься" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -4062,12 +4074,12 @@ msgstr "" "доменів, для яких буде увімкнено нумерацію." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "entry_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" @@ -4076,7 +4088,7 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -4093,17 +4105,17 @@ msgstr "" "<manvolnum>8</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "Типове значення: 5400" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "entry_cache_user_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" @@ -4112,19 +4124,19 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "Типове значення: entry_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "entry_cache_group_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" @@ -4133,12 +4145,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "entry_cache_netgroup_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" @@ -4147,12 +4159,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "entry_cache_service_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" @@ -4161,12 +4173,12 @@ msgstr "" "ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "entry_cache_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" @@ -4175,12 +4187,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "entry_cache_sudo_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" @@ -4189,12 +4201,12 @@ msgstr "" "надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "entry_cache_autofs_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" @@ -4203,12 +4215,12 @@ msgstr "" "чинними, перш ніж надсилати повторний запит до сервера" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "entry_cache_ssh_host_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." @@ -4218,12 +4230,12 @@ msgstr "" "вузла у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "entry_cache_computer_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" @@ -4232,12 +4244,12 @@ msgstr "" "перш ніж надсилати запит до модуля обробки даних знову" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "refresh_expired_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." @@ -4247,7 +4259,7 @@ msgstr "" "вичерпано або майже вичерпано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -4261,18 +4273,18 @@ msgstr "" "запис користувача, і дані щодо участі у групах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "Цей параметр автоматично успадковується для усіх довірених доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" "Варто визначити для цього параметра значення 3/4 * entry_cache_timeout." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -4293,18 +4305,18 @@ msgstr "" "чинність наявного кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "Типове значення: 0 (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "cache_credentials (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -4321,7 +4333,7 @@ msgstr "" "мережеве розпізнавання було записано до кешу." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -4334,12 +4346,12 @@ msgstr "" "додаткових прав доступу) і визначить пароль за допомогою простого перебору." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "cache_credentials_minimal_first_factor_length (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -4351,7 +4363,7 @@ msgstr "" "контрольної суми SHA512 у кеші." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." @@ -4361,12 +4373,12 @@ msgstr "" "мішенню атак із перебиранням паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "account_cache_expiration (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -4379,17 +4391,17 @@ msgstr "" "offline_credentials_expiration." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "Типове значення: 0 (без обмежень)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "pwd_expiration_warning (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -4402,17 +4414,17 @@ msgstr "" "даних розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "Типове значення: 7 (Kerberos), 0 (LDAP)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "id_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" @@ -4420,12 +4432,12 @@ msgstr "" "Серед підтримуваних засобів такі:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "«proxy»: підтримка застарілого модуля надання даних NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4437,7 +4449,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -4448,8 +4460,8 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4461,8 +4473,8 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4474,12 +4486,12 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "use_fully_qualified_names (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." @@ -4489,7 +4501,7 @@ msgstr "" "NSS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -4502,7 +4514,7 @@ msgstr "" "не покаже користувача, а <command>getent passwd test@LOCAL</command> покаже." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -4513,7 +4525,7 @@ msgstr "" "груп, якщо задано неповну назву, буде виконано пошук у всіх доменах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" @@ -4522,17 +4534,17 @@ msgstr "" "використано default_domain_suffix)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "ignore_group_members (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "Не повертати записи учасників груп для пошуків груп." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -4551,7 +4563,7 @@ msgstr "" "$groupname</quote> поверне запитану групу так, наче вона була порожня." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -4562,11 +4574,11 @@ msgstr "" "учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." @@ -4575,12 +4587,12 @@ msgstr "" "успадковано за допомогою <emphasis>subdomain_inherit</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "auth_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" @@ -4589,7 +4601,7 @@ msgstr "" "служб розпізнавання:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4601,7 +4613,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4613,18 +4625,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "<quote>proxy</quote> — трансльоване розпізнавання у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "<quote>none</quote> — вимкнути розпізнавання повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." @@ -4633,12 +4645,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "access_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -4649,7 +4661,7 @@ msgstr "" "Вбудованими програмами є:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." @@ -4658,12 +4670,12 @@ msgstr "" "доступу для локального домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "<quote>deny</quote> — завжди забороняти доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -4676,7 +4688,7 @@ msgstr "" "refentrytitle> <manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -4688,24 +4700,24 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" "<quote>proxy</quote> — для трансляції керування доступом до іншого модуля " "PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "Типове значення: <quote>permit</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "chpass_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" @@ -4714,7 +4726,7 @@ msgstr "" "підтримку таких систем зміни паролів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4726,7 +4738,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4738,18 +4750,18 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "<quote>proxy</quote> — трансльована зміна пароля у іншій системі PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "<quote>none</quote> — явно вимкнути можливість зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." @@ -4758,19 +4770,19 @@ msgstr "" "цього параметра і якщо система здатна обробляти запити щодо паролів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "sudo_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" "Служба SUDO, яку використано для цього домену. Серед підтримуваних служб " "SUDO:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -4782,7 +4794,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." @@ -4791,7 +4803,7 @@ msgstr "" "параметрами IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." @@ -4800,20 +4812,20 @@ msgstr "" "параметрами AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "<quote>none</quote> явним чином вимикає SUDO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" "Типове значення: використовується значення <quote>id_provider</quote>, якщо " "його встановлено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -4832,7 +4844,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -4846,12 +4858,12 @@ msgstr "" "sudo у SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "selinux_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -4862,7 +4874,7 @@ msgstr "" "доступу. Передбачено підтримку таких засобів надання даних SELinux:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4874,14 +4886,14 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" "<quote>none</quote> явним чином забороняє отримання даних щодо параметрів " "SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." @@ -4890,12 +4902,12 @@ msgstr "" "спосіб встановлено і можлива обробка запитів щодо завантаження SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "subdomains_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" @@ -4905,7 +4917,7 @@ msgstr "" "підтримку таких засобів надання даних піддоменів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4917,7 +4929,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -4930,17 +4942,17 @@ msgstr "" "налаштовування засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "<quote>none</quote> забороняє ячним чином отримання даних піддоменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "session_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -4952,14 +4964,14 @@ msgstr "" "постачальники даних сеансів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" "<quote>ipa</quote>, щоб дозволити пов'язані із сеансами користувачів " "завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" @@ -4967,7 +4979,7 @@ msgstr "" "користувачів завдань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." @@ -4976,12 +4988,12 @@ msgstr "" "його встановлено і дозволено виконувати пов'язані із сеансами завдання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "autofs_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" @@ -4989,7 +5001,7 @@ msgstr "" "autofs:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5001,7 +5013,7 @@ msgstr "" "citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5013,7 +5025,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -5025,17 +5037,17 @@ msgstr "" "надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "<quote>none</quote> вимикає autofs повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "hostid_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" @@ -5044,7 +5056,7 @@ msgstr "" "вузла. Серед підтримуваних засобів надання hostid:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -5056,17 +5068,17 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "<quote>none</quote> вимикає hostid повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "resolver_provider (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" @@ -5075,7 +5087,7 @@ msgstr "" "підтримку таких надавачів даних для визначення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" @@ -5084,7 +5096,7 @@ msgstr "" "Див. <quote>proxy_resolver_lib_name</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -5096,7 +5108,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -5109,13 +5121,13 @@ msgstr "" "налаштовування засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" "<quote>none</quote> забороняє ячним чином отримання даних вузлів і мереж." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -5129,7 +5141,7 @@ msgstr "" "IPA та доменів Active Directory, простій назві (NetBIOS) домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" @@ -5138,17 +5150,17 @@ msgstr "" "name>[^@]+))$</quote>, що дозволяє два різних стилі імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "користувач@назва.домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -5161,12 +5173,12 @@ msgstr "" "стилі запису імен користувачів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "домен\\користувач" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." @@ -5175,7 +5187,7 @@ msgstr "" "того, щоб полегшити інтеграцію користувачів з доменів Windows." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -5190,17 +5202,17 @@ msgstr "" "ім'я з <quote>@</quote>, йому слід скорити власний re_expression." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "Типове значення: <quote>%1$s@%2$s</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "lookup_family_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." @@ -5209,48 +5221,48 @@ msgstr "" "під час виконання пошуків у DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "Передбачено підтримку таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" "ipv4_first: спробувати визначити адресу у форматі IPv4, у разі невдачі " "спробувати формат IPv6" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" "ipv4_only: намагатися визначити назви вузлів лише у форматі адрес IPv4." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" "ipv6_first: спробувати визначити адресу у форматі IPv6, у разі невдачі " "спробувати формат IPv4" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" "ipv6_only: намагатися визначити назви вузлів лише у форматі адрес IPv6." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "Типове значення: ipv4_first" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "dns_resolver_server_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." @@ -5259,7 +5271,7 @@ msgstr "" "обмінятися даними із сервером DNS, перш ніж пробувати наступний сервер DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" @@ -5267,7 +5279,7 @@ msgstr "" "очікування на відгук на луна-імпульс CLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." @@ -5276,17 +5288,17 @@ msgstr "" "більше про розв'язування питань, пов'язаних із службами." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "Типове значення: 1000" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "dns_resolver_op_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -5298,17 +5310,17 @@ msgstr "" "наступного DNS." #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "Типове значення: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "dns_resolver_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -5321,12 +5333,12 @@ msgstr "" "роботу у автономному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "dns_resolver_use_search_list (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -5337,7 +5349,7 @@ msgstr "" "затримок у середовищах, де DNS не налаштовано належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -5348,17 +5360,17 @@ msgstr "" "пошукам DNS у таких середовищах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 msgid "Default: TRUE" msgstr "Типове значення: TRUE" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "dns_discovery_domain (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." @@ -5367,18 +5379,18 @@ msgstr "" "частину запиту визначення служб DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" "Типова поведінка: використовувати назву домену з назви вузла комп’ютера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "failover_primary_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -5389,58 +5401,58 @@ msgstr "" "встановити з'єднання із основним сервером." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "Зауваження: мінімальним значенням є 31." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 msgid "Default: 31" msgstr "Типове значення: 31" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "override_gid (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "Замірити значення основного GID на вказане." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "case_sensitive (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "True" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" "Враховується регістр. Це значення є некоректним для засобу надання даних AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "False" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "Без врахування регістру." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "Preserving" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -5452,7 +5464,7 @@ msgstr "" "буде переведено у нижній регістр." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." @@ -5461,7 +5473,7 @@ msgstr "" "даних IPA, вам доведеться встановити його на боці клієнта і SSSD на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -5470,17 +5482,17 @@ msgstr "" "значення: <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "Типове значення: True (False для засобу надання даних AD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "subdomain_inherit (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -5492,47 +5504,47 @@ msgstr "" "параметрів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "ldap_search_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "ldap_network_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "ldap_opt_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "ldap_offline_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "ldap_enumeration_refresh_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "ldap_enumeration_refresh_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "ldap_purge_cache_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "ldap_purge_cache_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" @@ -5541,57 +5553,57 @@ msgstr "" "ldap_krb5_keytab не встановлено явним чином)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "ldap_krb5_ticket_lifetime" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "ldap_enumeration_search_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "ldap_connection_expire_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "ldap_connection_expire_offset" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "ldap_connection_idle_timeout" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "ldap_use_tokengroups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "ldap_user_principal" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "ignore_group_members" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "auto_private_groups" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "case_sensitive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -5601,28 +5613,28 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" "Зауваження: цей параметр працює лише для засобів надання даних IPA і AD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "subdomain_homedir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "%F" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "спрощена (NetBIOS) назва піддомену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -5637,7 +5649,7 @@ msgstr "" "emphasis>. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" @@ -5645,17 +5657,17 @@ msgstr "" "emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "Типове значення: <filename>/home/%d/%u</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "realmd_tags (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" @@ -5663,12 +5675,12 @@ msgstr "" "домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "cached_auth_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -5682,7 +5694,7 @@ msgstr "" "розпізнавання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." @@ -5692,12 +5704,12 @@ msgstr "" "значення для різних довірених доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "Спеціальне значення 0 означає, що цю можливість вимкнено." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -5708,12 +5720,12 @@ msgstr "" "обробки <quote>initgroups</quote>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "local_auth_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -5733,7 +5745,7 @@ msgstr "" "методи, обробка і перевірка у яких відбуватиметься локально." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -5753,7 +5765,7 @@ msgstr "" "<quote>enable:passkey, enable:smartcard</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -5764,42 +5776,42 @@ msgstr "" "при типовому значенні local_auth_policy: <quote>match</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "local_auth_policy = match (типове значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "Ключ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "Картка пам'яті" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "LDAP" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -5813,7 +5825,7 @@ msgstr "" "наприклад, запиту щодо пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -5829,7 +5841,7 @@ msgstr "" "local_auth_policy = only\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -5840,7 +5852,7 @@ msgstr "" "smartcard, passkey). <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." @@ -5849,22 +5861,22 @@ msgstr "" "local_auth_policy і підтримує типово розпізнавання за карткою пам'яті." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 msgid "Default: match" msgstr "Типове значення: match" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "auto_private_groups (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "true" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." @@ -5873,7 +5885,7 @@ msgstr "" "користувача. У цьому випадку номер GID буде проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -5886,12 +5898,12 @@ msgstr "" "примусово встановлює унікальність записів у просторі ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "false" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." @@ -5900,12 +5912,12 @@ msgstr "" "вказувати на об'єкт групи у базі даних LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "hybrid" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -5920,7 +5932,7 @@ msgstr "" "цього користувача визначатиме цей об'єкт групи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." @@ -5929,7 +5941,7 @@ msgstr "" "групи, інакше надійне визначення GID буде просто неможливим." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -5940,7 +5952,7 @@ msgstr "" "збереженням наявних приватних груп для користувачів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -5949,7 +5961,7 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." @@ -5959,7 +5971,7 @@ msgstr "" "використовується автоматична прив'язка до ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -5969,7 +5981,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -5981,7 +5993,7 @@ msgstr "" "auto_private_groups = false\n" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -5995,7 +6007,7 @@ msgstr "" "subdomain_inherit: <placeholder type=\"programlisting\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -6006,17 +6018,17 @@ msgstr "" "quote> <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "proxy_pam_target (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "Комп’ютер, для якого виконує проксі-сервер PAM." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -6028,12 +6040,12 @@ msgstr "" "local_auth_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "proxy_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -6044,12 +6056,12 @@ msgstr "" "наприклад _nss_files_getpwent." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "proxy_resolver_lib_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -6060,12 +6072,12 @@ msgstr "" "_nss_$(назва_бібліотеки)_$(функція), наприклад _nss_dns_gethostbyname2_r." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "proxy_fast_alias (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -6080,12 +6092,12 @@ msgstr "" "у кеші, щоб пришвидшити надання результатів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "proxy_max_children (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -6097,7 +6109,7 @@ msgstr "" "використання черги запитів." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" @@ -6106,12 +6118,12 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "Домени програм (application)" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -6139,7 +6151,7 @@ msgstr "" "який може успадковувати параметр з традиційного домену SSSD." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -6150,17 +6162,17 @@ msgstr "" "його доменом-близнюком у POSIX має бути встановлено належним чином." #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "Параметри доменів програм" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "inherit_from (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -6172,7 +6184,7 @@ msgstr "" "розширюють або перевизначають параметри домену-<quote>близнюка</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -6187,7 +6199,7 @@ msgstr "" "у кеші і робить атрибут phone доступним через інтерфейс D-Bus." #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -6221,12 +6233,12 @@ msgstr "" "ldap_user_extra_attrs = phone:telephoneNumber\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "РОЗДІЛ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -6244,57 +6256,57 @@ msgstr "" "такі параметри:" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "ldap_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "ldap_user_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "ldap_group_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "ldap_netgroup_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "ldap_service_search_base," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "ldap_sasl_mech," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "ad_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "ad_backup_server," #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "ad_site," #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "use_fully_qualified_names" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." @@ -6303,12 +6315,12 @@ msgstr "" "підручника." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "РОЗДІЛ ПРИВ'ЯЗКИ СЕРТИФІКАТІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -6331,7 +6343,7 @@ msgstr "" "використовують для розпізнавання PAM." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -6343,7 +6355,7 @@ msgstr "" "citerefentry>)." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -6356,12 +6368,12 @@ msgstr "" "replaceable>]</quote>. У цьому розділі можна використовувати такі параметри:" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "matchrule (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." @@ -6370,7 +6382,7 @@ msgstr "" "цьому правилу. Усі інші сертифікати буде проігноровано." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" @@ -6380,17 +6392,17 @@ msgstr "" "<quote>clientAuth</quote>" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "maprule (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "Визначає спосіб пошуку користувача для вказаного сертифіката." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." @@ -6399,21 +6411,20 @@ msgstr "" "даних, зокрема <quote>ldap</quote>, <quote>AD</quote> та <quote>ipa</quote>." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" -"RULE_NAME для надавача даних <quote>files</quote>, який намагається знайти " -"запис користувача і такою самою назвою." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "domains (рядок)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -6426,17 +6437,17 @@ msgstr "" "параметр можна використати і для додавання правила до піддоменів." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "Типове значення: домен, який налаштовано у sssd.conf" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "priority (ціле число)" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -6447,12 +6458,12 @@ msgstr "" "пріоритетність, а <quote>4294967295</quote> — найнижча." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "Типове значення: найнижча пріоритетність" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" @@ -6462,7 +6473,7 @@ msgstr "" "спеціальних властивостей:" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" @@ -6471,7 +6482,7 @@ msgstr "" "відповідного облікового запису користувача" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -6484,17 +6495,17 @@ msgstr "" "quote> або <quote>({назва_об'єкта_rfc822.коротка_назва})</quote>" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "параметр <quote>domains</quote> буде проігноровано" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "РОЗДІЛ НАЛАШТОВУВАННЯ ЗАПИТІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -6510,7 +6521,7 @@ msgstr "" "реєстраційних даних." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -6524,22 +6535,22 @@ msgstr "" "випадках мають забезпечити описані нижче параметри." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "[prompting/password]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "password_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "для зміни рядка запиту пароля" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" @@ -6548,37 +6559,37 @@ msgstr "" "type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "[prompting/2fa]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "first_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "для зміни рядка запиту для першого фактора" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "second_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "для зміни рядка запиту для другого фактора" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "single_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -6591,7 +6602,7 @@ msgstr "" "якщо другий фактор не є обов'язковим." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -6604,7 +6615,7 @@ msgstr "" "паролем, або за двома факторами, має бути використано двокроковий запит." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -6615,17 +6626,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "[prompting/passkey]" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "interactive" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -6636,22 +6647,22 @@ msgstr "" "тактильного перемикача." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "interactive_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "для зміни повідомлення інтерактивного запиту." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "touch" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." @@ -6660,17 +6671,17 @@ msgstr "" "користувачеві щодо потреби торкнутися пристрою." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "touch_prompt" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "для зміни повідомлення запиту щодо торкання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" @@ -6679,7 +6690,7 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -6692,7 +6703,7 @@ msgstr "" "type=\"variablelist\" id=\"1\"/><placeholder type=\"variablelist\" id=\"2\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -6703,12 +6714,12 @@ msgstr "" "для цієї служби." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "ПРИКЛАДИ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -6760,7 +6771,7 @@ msgstr "" "enumerate = False\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -6773,7 +6784,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -6783,7 +6794,7 @@ msgstr "" "use_fully_qualified_names = false\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -6800,7 +6811,7 @@ msgstr "" "type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -6816,7 +6827,7 @@ msgstr "" "priority = 10\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -7152,8 +7163,17 @@ msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" "ldap_modify — безпосереднє внесення змін до userPassword (не рекомендуємо)." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -7167,54 +7187,54 @@ msgstr "" "запису атрибута userPassword." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "Типове значення: exop" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "ldap_default_bind_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" "Типова назва домену прив’язки, яку слід використовувати для виконання дій " "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "ldap_default_authtok_type (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "Тип розпізнавання для типової назви сервера прив’язки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "У поточній версії передбачено підтримку двох механізмів:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "obfuscated_password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "Типове значення: password" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." @@ -7224,22 +7244,22 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "ldap_default_authtok (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "Лексема розпізнавання типової назви сервера прив’язки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "ldap_force_upper_case_realm (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -7253,12 +7273,12 @@ msgstr "" "області у верхньому регістрі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "ldap_enumeration_refresh_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." @@ -7267,12 +7287,12 @@ msgstr "" "свого кешу нумерованих записів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "ldap_purge_cache_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -7283,7 +7303,7 @@ msgstr "" "цих записів з метою економії місця." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -7297,12 +7317,12 @@ msgstr "" "кожні 3 години." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "ldap_group_nesting_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -7314,7 +7334,7 @@ msgstr "" "параметра буде проігноровано, якщо використано схему RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -7330,7 +7350,7 @@ msgstr "" "початкового пошуку, якщо запити щодо пошуку надходять повторно." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -7346,12 +7366,12 @@ msgstr "" "обмеження вкладеності у групах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "Типове значення: 2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." @@ -7361,24 +7381,24 @@ msgstr "" "Directory Server 2008 та новіших версій." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "Типове значення: True для AD і IPA, інакше False." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "ldap_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку об’єктів вузлів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." @@ -7387,32 +7407,32 @@ msgstr "" "налаштування декількох основ пошуку." #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "Типове значення: значення <emphasis>ldap_search_base</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "ldap_service_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "ldap_iphost_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "ldap_ipnetwork_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "ldap_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -7423,7 +7443,7 @@ msgstr "" "автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -7434,12 +7454,12 @@ msgstr "" "окремих типів пошуків." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "ldap_enumeration_search_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -7450,12 +7470,12 @@ msgstr "" "кешованих даних (і переходом до автономного режиму роботи)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "ldap_network_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -7472,12 +7492,12 @@ msgstr "" "citerefentry> повертається до стану бездіяльності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "ldap_opt_timeout (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -7491,12 +7511,12 @@ msgstr "" "розширеної операції зі зміни пароля та дії StartTLS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "ldap_connection_expire_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -7510,7 +7530,7 @@ msgstr "" "дії TGT)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -7528,7 +7548,7 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout <= ldap_opt_timout</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" @@ -7537,17 +7557,17 @@ msgstr "" "параметром <emphasis>ldap_connection_expire_offset</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "Типове значення: 900 (15 хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "ldap_connection_expire_offset (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." @@ -7556,12 +7576,12 @@ msgstr "" "<emphasis>ldap_connection_expire_timeout</emphasis>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "ldap_connection_idle_timeout (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -7572,17 +7592,17 @@ msgstr "" "бездіяльним понад цей час, з'єднання буде розірвано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "Ви можете вимкнути цей час очікування, встановивши значення 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "ldap_page_size (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." @@ -7592,12 +7612,12 @@ msgstr "" "один запит." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "ldap_disable_paging (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -7608,7 +7628,7 @@ msgstr "" "RootDSE, але цю підтримку не увімкнено або вона не працює належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." @@ -7618,7 +7638,7 @@ msgstr "" "підтримкою не можна скористатися." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -7629,17 +7649,17 @@ msgstr "" "це може призвести до відмови у виконанні запитів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "ldap_disable_range_retrieval (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "Вимкнути отримання діапазону Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -7655,12 +7675,12 @@ msgstr "" "буде представлено як такі, у яких немає учасників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "ldap_sasl_minssf (ціле значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -7671,19 +7691,19 @@ msgstr "" "параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" "Типове значення: типове для системи значення (зазвичай, визначається у ldap." "conf)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "ldap_sasl_maxssf (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -7694,12 +7714,12 @@ msgstr "" "цього параметра визначається OpenLDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -7711,7 +7731,7 @@ msgstr "" "виконуватиметься окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -7729,7 +7749,7 @@ msgstr "" "rootDSE." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -7742,7 +7762,7 @@ msgstr "" "OpenLDAP та Active Directory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -7753,12 +7773,12 @@ msgstr "" "незалежно від використання цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "ldap_ignore_unreadable_references (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -7770,7 +7790,7 @@ msgstr "" "простого ігнорування непридатного до читання запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -7782,12 +7802,12 @@ msgstr "" "міркувань безпеки." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "ldap_tls_reqcert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" @@ -7797,7 +7817,7 @@ msgstr "" "таких значень:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." @@ -7806,7 +7826,7 @@ msgstr "" "жодних сертифікатів сервера." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7818,7 +7838,7 @@ msgstr "" "режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -7829,7 +7849,7 @@ msgstr "" "надано помилковий сертифікат, негайно перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -7840,22 +7860,22 @@ msgstr "" "перервати сеанс." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "<emphasis>hard</emphasis> = те саме, що і <quote>demand</quote>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "Типове значення: hard" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "ldap_tls_cacert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." @@ -7864,7 +7884,7 @@ msgstr "" "розпізнаються <command>sssd</command>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" @@ -7873,12 +7893,12 @@ msgstr "" "у <filename>/etc/openldap/ldap.conf</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "ldap_tls_cacertdir (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 #, fuzzy #| msgid "" #| "Specifies the path of a directory that contains Certificate Authority " @@ -7899,32 +7919,32 @@ msgstr "" "<command>cacertdir_rehash</command>, якщо ця програма є доступною." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "ldap_tls_cert (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "Визначає файл, який містить сертифікат для ключа клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "ldap_tls_key (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "Визначає файл, у якому міститься ключ клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "ldap_tls_cipher_suite (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -7936,12 +7956,12 @@ msgstr "" "<manvolnum>5</manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "ldap_id_use_start_tls (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -7952,12 +7972,12 @@ msgstr "" "наполегливо рекомендуємо значення <emphasis>true</emphasis> ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "ldap_id_mapping (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -7969,19 +7989,19 @@ msgstr "" "ldap_group_gid_number." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" "У поточній версії у цій можливості передбачено підтримку лише встановлення " "відповідності objectSID у ActiveDirectory." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "ldap_min_id, ldap_max_id (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -8001,18 +8021,18 @@ msgstr "" "ідентифікаторів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" "Типове значення: не встановлено (обидва параметри встановлено у значення 0)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "ldap_sasl_mech (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." @@ -8021,7 +8041,7 @@ msgstr "" "перевірено і передбачено підтримку лише механізмів GSSAPI та GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -8039,12 +8059,12 @@ msgstr "" "manvolnum></citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "ldap_sasl_authid (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -8064,7 +8084,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -8085,17 +8105,17 @@ msgstr "" "таблиці ключів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "Типове значення: вузол/назва_вузла@ОБЛАСТЬ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "ldap_sasl_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -8107,17 +8127,17 @@ msgstr "" "проігноровано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "Типове значення: значення krb5_realm." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "ldap_sasl_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." @@ -8127,36 +8147,36 @@ msgstr "" "SASL." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "Типове значення: false;" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "ldap_krb5_keytab (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" "Визначає таблицю ключів, яку слід використовувати разом з SASL/GSSAPI/GSS-" "SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" "Типове значення: системна таблиця ключів, зазвичай <filename>/etc/krb5." "keytab</filename>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "ldap_krb5_init_creds (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -8167,12 +8187,12 @@ msgstr "" "механізм GSSAPI або GSS-SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "ldap_krb5_ticket_lifetime (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" @@ -8180,17 +8200,17 @@ msgstr "" "SPNEGO." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "Типове значення: 86400 (24 години)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "krb5_server, krb5_backup_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -8209,7 +8229,7 @@ msgstr "" "про виявлення служб можна дізнатися з розділу «ПОШУК СЛУЖБ»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -8221,7 +8241,7 @@ msgstr "" "вдасться знайти." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -8232,30 +8252,30 @@ msgstr "" "варто перейти на використання «krb5_server» у файлах налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "krb5_realm (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" "Вказати область Kerberos (для розпізнавання за SASL/GSSAPI/GSS-SPNEGO)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" "Типове значення: типове значення системи, див. <filename>/etc/krb5.conf</" "filename>" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "krb5_canonicalize (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" @@ -8265,12 +8285,12 @@ msgstr "" "версії MIT Kerberos >= 1.7" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "krb5_use_kdcinfo (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -8285,7 +8305,7 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -8296,12 +8316,12 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "ldap_pwd_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" @@ -8310,7 +8330,7 @@ msgstr "" "використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." @@ -8319,7 +8339,7 @@ msgstr "" "разі використання цього варіанта перевірку на боці сервера вимкнено не буде." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -8331,7 +8351,7 @@ msgstr "" "manvolnum></citerefentry> для визначення того, чи чинним є пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -8342,7 +8362,7 @@ msgstr "" "скористайтеся chpass_provider=krb5 для оновлення цих атрибутів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." @@ -8352,18 +8372,18 @@ msgstr "" "встановленими за допомогою цього параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "ldap_referrals (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" "Визначає, чи має бути увімкнено автоматичне визначення напрямків пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." @@ -8372,7 +8392,7 @@ msgstr "" "з версією OpenLDAP 2.4.13 або новішою версією." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -8394,28 +8414,28 @@ msgstr "" "дані виявляться недоступними." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "ldap_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" "Визначає назву служби, яку буде використано у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "Типове значення: ldap" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "ldap_chpass_dns_service_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." @@ -8424,17 +8444,17 @@ msgstr "" "уможливлює зміну паролів, у разі вмикання визначення служб." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "Типове значення: не встановлено, тобто пошук служб вимкнено" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "ldap_chpass_update_last_change (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." @@ -8443,7 +8463,7 @@ msgstr "" "щодо кількості днів з часу виконання дії зі зміни пароля." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -8456,12 +8476,12 @@ msgstr "" "окремо." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "ldap_access_filter (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -8490,12 +8510,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "Приклад:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -8507,7 +8527,7 @@ msgstr "" " " #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." @@ -8516,7 +8536,7 @@ msgstr "" "employeeType встановлено у значення «admin»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -8530,17 +8550,17 @@ msgstr "" "таких прав не було надано, у автономному режимі їх також не буде надано." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "Типове значення: порожній рядок" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "ldap_account_expire_policy (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." @@ -8549,7 +8569,7 @@ msgstr "" "керування доступом на боці клієнта." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -8560,12 +8580,12 @@ msgstr "" "з відповідним кодом помилки, навіть якщо вказано правильний пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "Можна використовувати такі значення:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." @@ -8574,7 +8594,7 @@ msgstr "" "визначити, чи завершено строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -8587,7 +8607,7 @@ msgstr "" "Також буде перевірено, чи не вичерпано строк дії облікового запису." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -8598,7 +8618,7 @@ msgstr "" "ldap_ns_account_lock." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -8611,7 +8631,7 @@ msgstr "" "атрибутів, надати доступ." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -8622,24 +8642,24 @@ msgstr "" "користуватися параметром ldap_account_expire_policy." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "ldap_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" "Список відокремлених комами параметрів керування доступом. Можливі значення " "списку:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "<emphasis>filter</emphasis>: використовувати ldap_access_filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8654,7 +8674,7 @@ msgstr "" "для працездатності цієї можливості слід встановити «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" @@ -8664,7 +8684,7 @@ msgstr "" "emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -8687,13 +8707,13 @@ msgstr "" "параметра слід встановити значення «access_provider = ldap»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" "<emphasis>expire</emphasis>: використовувати ldap_account_expire_policy" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -8708,7 +8728,7 @@ msgstr "" "наприклад на ключах SSH." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" @@ -8717,17 +8737,17 @@ msgstr "" "дії пароля буде вичерпано:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "pwd_expire_policy_reject — користувачу заборонено входити," #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "pwd_expire_policy_warn — користувачу можна входити," #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." @@ -8736,7 +8756,7 @@ msgstr "" "пароль." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 #, fuzzy #| msgid "" #| "Please note that 'access_provider = ldap' must be set for this feature to " @@ -8752,7 +8772,7 @@ msgstr "" "параметра «ldap_pwd_policy» відповідні правила поводження із паролями." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" @@ -8761,14 +8781,14 @@ msgstr "" "можливості доступу атрибут authorizedService" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" "<emphasis>host</emphasis>: за допомогою цього атрибута вузла можна визначити " "права доступу" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" @@ -8777,7 +8797,7 @@ msgstr "" "того, чи матиме віддалений вузол доступ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" @@ -8787,12 +8807,12 @@ msgstr "" "керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "Типове значення: filter" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." @@ -8801,12 +8821,12 @@ msgstr "" "використано декілька разів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "ldap_pwdlockout_dn (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -8820,22 +8840,22 @@ msgstr "" "можна буде перевірити належним чином." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "Приклад: cn=ppolicy,ou=policies,dc=example,dc=com" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "Типове значення: cn=ppolicy,ou=policies,$ldap_search_base" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "ldap_deref (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" @@ -8844,13 +8864,13 @@ msgstr "" "пошуку. Можливі такі варіанти:" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" "<emphasis>never</emphasis>: ніколи не виконувати розіменування псевдонімів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." @@ -8860,7 +8880,7 @@ msgstr "" "пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." @@ -8869,7 +8889,7 @@ msgstr "" "під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." @@ -8878,7 +8898,7 @@ msgstr "" "час пошуку, так і під час визначення місця основного об’єкта пошуку." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" @@ -8887,12 +8907,12 @@ msgstr "" "сценарієм <emphasis>never</emphasis>)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "ldap_rfc2307_fallback_to_local_users (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." @@ -8901,7 +8921,7 @@ msgstr "" "серверів, у яких використовується схема RFC2307." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -8919,7 +8939,7 @@ msgstr "" "користувачів за допомогою виклику getpw*() або initgroups()." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -8931,12 +8951,12 @@ msgstr "" "групами LDAP." #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "wildcard_limit (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." @@ -8945,24 +8965,24 @@ msgstr "" "пошуку з використанням символів-замінників." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" "У поточній версії пошук із використанням символів-замінників передбачено " "лише для відповідача InfoPipe." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "Типове значення: 1000 (часто розмір однієї сторінки)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "ldap_library_debug_level (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." @@ -8971,7 +8991,7 @@ msgstr "" "libldap буде записано незалежно від загального debug_level." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." @@ -8980,17 +9000,17 @@ msgstr "" "компонентів, -1 увімкне повне виведення діагностичних даних." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "Типове значення: 0 (діагностику libldap вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "ldap_use_ppolicy (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -9001,14 +9021,14 @@ msgstr "" "надсилають у відповідні некоректне розширення правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 #, fuzzy #| msgid "ldap_deref_threshold (integer)" msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "ldap_deref_threshold (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -9039,12 +9059,12 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "ПАРАМЕТРИ SUDO" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -9055,12 +9075,12 @@ msgstr "" "<manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "ldap_sudo_full_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." @@ -9070,7 +9090,7 @@ msgstr "" "набір правил, що зберігаються на сервері." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" @@ -9079,7 +9099,7 @@ msgstr "" "<emphasis>ldap_sudo_smart_refresh_interval </emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." @@ -9089,17 +9109,17 @@ msgstr "" "оновлення." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "Типове значення: 21600 (6 годин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "ldap_sudo_smart_refresh_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -9110,7 +9130,7 @@ msgstr "" "правил, USN яких перевищує найбільше значення сервера USN, яке відоме SSSD." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." @@ -9119,7 +9139,7 @@ msgstr "" "дані атрибута modifyTimestamp." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -9135,7 +9155,7 @@ msgstr "" "emphasis>)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." @@ -9145,12 +9165,12 @@ msgstr "" "оновлення." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "ldap_sudo_random_offset (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -9161,7 +9181,7 @@ msgstr "" "регулярного завдання. Значення у секундах." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -9172,17 +9192,17 @@ msgstr "" "час, протягом якого правила sudo є недоступними для використання." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "Ви можете вимкнути цей зсув, встановивши значення 0." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "ldap_sudo_use_host_filter (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." @@ -9192,12 +9212,12 @@ msgstr "" "назв вузлів)." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "ldap_sudo_hostnames (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." @@ -9206,7 +9226,7 @@ msgstr "" "фільтрування списку правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." @@ -9215,8 +9235,8 @@ msgstr "" "назву вузла та повну назву комп’ютера у домені у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." @@ -9225,17 +9245,17 @@ msgstr "" "<emphasis>false</emphasis>, цей параметр ні на що не впливатиме." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "Типове значення: не вказано" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "ldap_sudo_ip (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." @@ -9244,7 +9264,7 @@ msgstr "" "правил." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." @@ -9253,12 +9273,12 @@ msgstr "" "адресу у автоматичному режимі." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "ldap_sudo_include_netgroups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." @@ -9267,12 +9287,12 @@ msgstr "" "мережеву групу (netgroup) у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "ldap_sudo_include_regexp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." @@ -9281,7 +9301,7 @@ msgstr "" "заміни у атрибуті sudoHost." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" @@ -9290,7 +9310,7 @@ msgstr "" "для сервера LDAP!" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -9303,12 +9323,12 @@ msgstr "" "refentrytitle><manvolnum>5</manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "ПАРАМЕТРИ AUTOFS" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." @@ -9317,47 +9337,47 @@ msgstr "" "LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "ldap_autofs_map_master_name (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "Назва основної карти автоматичного монтування у LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "Типове значення: auto.master" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "ДОДАТКОВІ ПАРАМЕТРИ" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "ldap_netgroup_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "ldap_user_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "ldap_group_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "<note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -9370,22 +9390,22 @@ msgstr "" "груп показуються неправильно." #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "</note>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "ldap_sudo_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "ldap_autofs_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -9398,14 +9418,14 @@ msgstr "" "<placeholder type=\"variablelist\" id=\"1\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "ПРИКЛАД" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -9416,7 +9436,7 @@ msgstr "" "<replaceable>[domains]</replaceable>." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9436,20 +9456,20 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "<placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "ПРИКЛАД ФІЛЬТРА ДОСТУПУ LDAP" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." @@ -9458,7 +9478,7 @@ msgstr "" "чином і використано ldap_access_order=lockout." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -9484,13 +9504,13 @@ msgstr "" "cache_credentials = true\n" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "ЗАУВАЖЕННЯ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -11002,8 +11022,8 @@ msgstr "" "quote> Kerberos MIT. Правило складається з ключового слова між символами " "«<» і «>», яке визначає певну частину сертифіката, і взірцем, який має " "бути знайдено, для встановлення відповідності правила. Декілька пар ключове " -"слово-взірець можна сполучати за допомогою логічних операторів «&" -"&» (та) або «||» (або)." +"слово-взірець можна сполучати за допомогою логічних операторів «&&» " +"(та) або «||» (або)." #. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sss-certmap.5.xml:90 @@ -12320,7 +12340,7 @@ msgstr "" "цього вузла. Назву вузла слід вказувати повністю." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "dyndns_update (булеве значення)" @@ -12340,7 +12360,7 @@ msgstr "" "допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -12361,12 +12381,12 @@ msgstr "" "назву, <emphasis>dyndns_update</emphasis>, у файлі налаштувань." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "dyndns_ttl (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -12393,12 +12413,12 @@ msgid "Default: 1200 (seconds)" msgstr "Типове значення: 1200 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "dyndns_iface (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -12431,17 +12451,17 @@ msgstr "" "для з’єднання LDAP IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "Приклад: dyndns_iface = em1, vnet1, vnet2" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "dyndns_auth (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -12452,17 +12472,17 @@ msgstr "" "можна надсилати встановленням для цього параметра значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "Типове значення: GSS-TSIG" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "dyndns_auth_ptr (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -12473,7 +12493,7 @@ msgstr "" "оновлення можна надсилати встановленням для цього параметра значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "Типове значення: те саме, що і dyndns_auth" @@ -12508,7 +12528,7 @@ msgstr "" "вважатимуться резервними серверами." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "dyndns_refresh_interval (ціле число)" @@ -12525,12 +12545,12 @@ msgstr "" "є обов’язкоми, його застосовують, лише якщо dyndns_update має значення true." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "dyndns_update_ptr (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -12549,7 +12569,7 @@ msgstr "" "переспрямовування." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -12564,12 +12584,12 @@ msgid "Default: False (disabled)" msgstr "Типове значення: False (вимкнено)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "dyndns_force_tcp (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." @@ -12578,17 +12598,17 @@ msgstr "" "даними з сервером DNS." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "Типове значення: False (надати змогу nsupdate вибирати протокол)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "dyndns_server (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." @@ -12598,36 +12618,61 @@ msgstr "" "параметра." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 +#, fuzzy +#| msgid "" +#| "Setting this option makes sense for environments where the DNS server is " +#| "different from the identity server." msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." msgstr "" "Встановлення значення для цього параметра потрібне для середовищ, де сервер " "DNS відрізняється від сервера профілів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 +#, fuzzy +#| msgid "" +#| "Please note that this option will be only used in fallback attempt when " +#| "previous attempt using autodetected settings failed." msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" "Будь ласка, зауважте, що цей параметр буде використано лише для резервних " "спроб, якщо попередні спроби із використанням автовиявлення завершаться " "невдало." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "Типове значення: немає (надати nsupdate змогу вибирати сервер)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "dyndns_update_per_family (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -12637,19 +12682,85 @@ msgstr "" "оновлення IPv6. Іноді бажаним є виконання оновлення IPv4 і IPv6 за один крок." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cacert (string)" +msgstr "dyndns_iface (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +#, fuzzy +#| msgid "Default: None (let nsupdate choose the server)" +msgid "Default: None (use global certificate store)" +msgstr "Типове значення: немає (надати nsupdate змогу вибирати сервер)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +#, fuzzy +#| msgid "dyndns_iface (string)" +msgid "dyndns_dot_cert (string)" +msgstr "dyndns_iface (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +#, fuzzy +#| msgid "Default: - (GSSAPI authentication is disabled)" +msgid "Default: None (Do not use TLS authentication)" +msgstr "Типове значення: - (розпізнавання за GSSAPI вимкнено)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +#, fuzzy +#| msgid "dyndns_auth (string)" +msgid "dyndns_dot_key (string)" +msgstr "dyndns_auth (рядок)" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "ipa_access_order (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" "<emphasis>expire</emphasis>: використовувати правила строку дії облікового " "запису IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." @@ -12658,12 +12769,12 @@ msgstr "" "встановити «access_provider = ipa»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "ipa_deskprofile_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." @@ -12672,17 +12783,17 @@ msgstr "" "профілями станції (Desktop Profile) об’єктів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "Типове значення: використання базової назви домену" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "ipa_subid_ranges_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." @@ -12691,98 +12802,98 @@ msgstr "" "підлеглими діапазонами об’єктів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "Типове значення: значення <emphasis>cn=subids,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "ipa_hbac_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку пов’язаних з " "HBAC об’єктів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "ipa_host_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "Застарілий. Скористайтеся замість нього ldap_host_search_base." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "ipa_selinux_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку карт " "користувачів SELinux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "ipa_subdomains_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку надійних доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "Типове значення: значення <emphasis>cn=trusts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "ipa_master_domain_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку основного " "об’єкта домену." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" "Типове значення: значення виразу <emphasis>cn=ad,cn=etc,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "ipa_views_search_base (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" "Необов’язковий. Використати вказаний рядок як основу пошуку контейнерів " "перегляду." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" "Типове значення: значення <emphasis>cn=views,cn=accounts,%basedn</emphasis>" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." @@ -12791,7 +12902,7 @@ msgstr "" "«ipa_domain»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." @@ -12800,12 +12911,12 @@ msgstr "" "перетворено у основний DN для виконання дій LDAP." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "krb5_confd_path (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." @@ -12814,7 +12925,7 @@ msgstr "" "налаштувань Kerberos." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." @@ -12823,7 +12934,7 @@ msgstr "" "значення «none»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" @@ -12831,12 +12942,12 @@ msgstr "" "SSSD)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "ipa_deskprofile_refresh (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -12848,17 +12959,17 @@ msgstr "" "щодо профілів станції." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "Типове значення: 5 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "ipa_deskprofile_request_interval (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." @@ -12867,17 +12978,17 @@ msgstr "" "останнім запитом не повернуто жодного правила." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "Типове значення: 60 (хвилин)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "ipa_hbac_refresh (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -12888,12 +12999,12 @@ msgstr "" "короткого періоду часу надходить багато запитів щодо керування доступом." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "ipa_hbac_selinux (ціле число)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -12905,12 +13016,12 @@ msgstr "" "користувача до системи." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "ipa_server_mode (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." @@ -12919,7 +13030,7 @@ msgstr "" "автоматично, він визначає, чи запущено SSSD на сервері IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." @@ -12928,7 +13039,7 @@ msgstr "" "безпосередньо, хоча на клієнті SSSD надсилатиме запит на сервер IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." @@ -12937,7 +13048,7 @@ msgstr "" "працює на сервері IPA." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -12948,7 +13059,7 @@ msgstr "" "зміни вручну є зайвими." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." @@ -12957,53 +13068,53 @@ msgstr "" "того, щоб лише виводити короткі імена користувачів з довірених доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "ipa_automount_location (рядок)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" "Адреса автоматичного монтування, яку буде використовувати цей клієнт IPA" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "Типове значення: адреса з назвою \"default\"" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "ПЕРЕГЛЯДИ і ПЕРЕВИЗНАЧЕННЯ" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "ipa_view_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "Клас об’єктів для контейнерів перегляду." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "Типове значення: nsContainer" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "ipa_view_name (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "Назва атрибута, у якому зберігається назва перегляду." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -13011,27 +13122,27 @@ msgid "Default: cn" msgstr "Типове значення: cn" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "ipa_override_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "Клас об’єктів для об’єктів перевизначення" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "Типове значення: ipaOverrideAnchor" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "ipa_anchor_uuid (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." @@ -13040,17 +13151,17 @@ msgstr "" "віддаленому домені." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "Типове значення: ipaAnchorUUID" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "ipa_user_override_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -13060,57 +13171,57 @@ msgstr "" "або групою." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "Перевизначення користувачів можуть містити атрибути, задані" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "ldap_user_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "ldap_user_uid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "ldap_user_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "ldap_user_gecos" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "ldap_user_home_directory" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "ldap_user_shell" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "ldap_user_ssh_public_key" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "Типове значення: ipaUserOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "ipa_group_override_object_class (рядок)" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." @@ -13119,27 +13230,27 @@ msgstr "" "того, чи знайдений об’єкт перевизначення пов’язано з користувачем або групою." #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "Перевизначення груп можуть містити атрибути, задані" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "ldap_group_name" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "ldap_group_gid_number" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "Типове значення: ipaGroupOverride" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -13154,12 +13265,12 @@ msgstr "" "значеннями. <placeholder type=\"variablelist\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "СЛУЖБА ПІДДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." @@ -13168,7 +13279,7 @@ msgstr "" "спосіб його налаштовано: явний чи неявний." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -13180,7 +13291,7 @@ msgstr "" "якщо це потрібно." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -13200,12 +13311,12 @@ msgstr "" "даних піддоменів буде знову увімкнено." #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "НАЛАШТОВУВАННЯ ДОВІРЕНИХ ДОМЕНІВ" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -13215,7 +13326,7 @@ msgstr "" "ad_server = dc.ad.domain.com\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -13230,7 +13341,7 @@ msgstr "" "батьківському домені. <placeholder type=\"programlisting\" id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." @@ -13240,7 +13351,7 @@ msgstr "" "manvolnum> </citerefentry>." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." @@ -13249,60 +13360,60 @@ msgstr "" "як ви налаштували SSSD на сервері IPA або клієнт IPA." #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА ОСНОВНИХ СЕРВЕРАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" "У розділі піддомену на основному сервері IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "ad_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "ad_backup_server" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "ad_site" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "ldap_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "ldap_user_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "ldap_group_search_base" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "ПАРАМЕТРИ, ЯКІ МОЖНА НАЛАШТУВАТИ НА КЛІЄНТАХ IPA" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "У розділі піддомену на клієнті IPA можна вказати такі параметри:" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." @@ -13311,7 +13422,7 @@ msgstr "" "<quote>ad_server</quote>." #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -13334,7 +13445,7 @@ msgstr "" "manvolnum> </citerefentry>, щоб дізнатися більше про додаток пошуку Kerberos." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -13346,7 +13457,7 @@ msgstr "" "ipa." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -14881,6 +14992,14 @@ msgstr "ad_allow_remote_domain_local_groups (булеве значення)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +#, fuzzy +#| msgid "This option can also be set per-domain." +msgid "This option is deprecated." +msgstr "" +"Значення цього параметра можна встановлювати для кожного з доменів окремо." + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -14897,7 +15016,7 @@ msgstr "" "роблять користувачів і групи AD доступними у клієнті Linux." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -14921,7 +15040,7 @@ msgstr "" "запитах tokenGroups, де також немає віддалених груп локальних доменів." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -14941,7 +15060,7 @@ msgstr "" "локальні групи домену може бути знайдено лише на глибшому рівні вкладеності." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -14958,12 +15077,12 @@ msgstr "" "якщо цю адресу не було змінено за допомогою параметра «dyndns_iface»." #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "Типове значення: 3600 (секунд)" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" @@ -14972,7 +15091,7 @@ msgstr "" "для з’єднання LDAP AD" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -14989,7 +15108,7 @@ msgstr "" "значення." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -15000,7 +15119,7 @@ msgstr "" "У прикладі продемонстровано лише параметри доступу, специфічні для засобу AD." #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -15024,7 +15143,7 @@ msgstr "" "ad_domain = example.com\n" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -15036,7 +15155,7 @@ msgstr "" "ldap_account_expire_policy = ad\n" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -15048,7 +15167,7 @@ msgstr "" "id=\"0\"/>" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -15063,7 +15182,7 @@ msgstr "" "шифрування) вручну." #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -21972,9 +22091,14 @@ msgstr "" #. type: Content of: <refsect1><refsect2><para> #: include/ldap_id_mapping.xml:67 +#, fuzzy +#| msgid "" +#| "The SSSD ID-mapping algorithm takes a range of available UIDs and divides " +#| "it into equally-sized component sections - called \"slices\"-. Each slice " +#| "represents the space available to an Active Directory domain." msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" "Алгоритмом встановлення відповідності ідентифікаторів SSSD передбачено поділ " @@ -22168,11 +22292,18 @@ msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> #: include/ldap_id_mapping.xml:185 +#, fuzzy +#| msgid "" +#| "For example, if your most recently-added Active Directory user has " +#| "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " +#| "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size " +#| "is equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 " +#| "+ 1)." msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" "Приклад: якщо найсвіжішим доданим користувачем Active Directory є користувач " "з objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " @@ -23419,6 +23550,13 @@ msgstr "" "Визначає, чи слід перетворювати реєстраційний запис вузла і користувача у " "канонічну форму. Цю можливість передбачено з версії MIT Kerberos 1.7." +#~ msgid "" +#~ "The RULE_NAME for the <quote>files</quote> provider which tries to find a " +#~ "user with the same name." +#~ msgstr "" +#~ "RULE_NAME для надавача даних <quote>files</quote>, який намагається " +#~ "знайти запис користувача і такою самою назвою." + #~ msgid "reconnection_retries (integer)" #~ msgstr "reconnection_retries (ціле число)" diff --git a/src/man/po/zh_CN.po b/src/man/po/zh_CN.po index ba631edf9f3..4e89f3fae37 100644 --- a/src/man/po/zh_CN.po +++ b/src/man/po/zh_CN.po @@ -9,7 +9,7 @@ msgid "" msgstr "" "Project-Id-Version: sssd-docs 2.3.0\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2024-10-15 11:44+0200\n" +"POT-Creation-Date: 2024-12-10 14:33+0100\n" "PO-Revision-Date: 2020-07-22 07:51-0400\n" "Last-Translator: Copied by Zanata <copied-by-zanata@zanata.org>\n" "Language-Team: Chinese (China) (http://www.transifex.com/projects/p/sssd/" @@ -118,17 +118,17 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:60 msgid "" -"<filename>sssd.conf</filename> must be a regular file that is owned, " -"readable, and writeable by the same user as configured to run SSSD service." +"<filename>sssd.conf</filename> must be a regular file that is accessible " +"only by the user used to run SSSD service or root." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:67 +#: sssd.conf.5.xml:66 msgid "CONFIGURATION SNIPPETS FROM INCLUDE DIRECTORY" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:70 +#: sssd.conf.5.xml:69 msgid "" "The configuration file <filename>sssd.conf</filename> will include " "configuration snippets using the include directory <filename>conf.d</" @@ -136,7 +136,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:76 +#: sssd.conf.5.xml:75 msgid "" "Any file placed in <filename>conf.d</filename> that ends in " "<quote><filename>.conf</filename></quote> and does not begin with a dot " @@ -145,7 +145,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:84 +#: sssd.conf.5.xml:83 msgid "" "The configuration snippets from <filename>conf.d</filename> have higher " "priority than <filename>sssd.conf</filename> and will override " @@ -158,39 +158,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:98 +#: sssd.conf.5.xml:97 msgid "" "The snippet files require the same owner and permissions as <filename>sssd." "conf</filename>." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:104 +#: sssd.conf.5.xml:103 msgid "GENERAL OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:106 +#: sssd.conf.5.xml:105 msgid "Following options are usable in more than one configuration sections." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:110 +#: sssd.conf.5.xml:109 msgid "Options usable in all sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:114 +#: sssd.conf.5.xml:113 msgid "debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:118 +#: sssd.conf.5.xml:117 msgid "debug (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:121 +#: sssd.conf.5.xml:120 msgid "" "SSSD 1.14 and later also includes the <replaceable>debug</replaceable> alias " "for <replaceable>debug_level</replaceable> as a convenience feature. If both " @@ -199,62 +199,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:131 +#: sssd.conf.5.xml:130 msgid "debug_timestamps (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:134 +#: sssd.conf.5.xml:133 msgid "" "Add a timestamp to the debug messages. If journald is enabled for SSSD " "debug logging this option is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:139 sssd.conf.5.xml:176 sssd.conf.5.xml:338 -#: sssd.conf.5.xml:698 sssd.conf.5.xml:713 sssd.conf.5.xml:923 -#: sssd.conf.5.xml:1041 sssd.conf.5.xml:2169 sssd-ldap.5.xml:920 -#: sssd-ldap.5.xml:1074 sssd-ldap.5.xml:1177 sssd-ldap.5.xml:1246 -#: sssd-ldap.5.xml:1654 sssd-ldap.5.xml:1788 sssd-ldap.5.xml:1853 -#: sssd-ipa.5.xml:347 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1201 -#: sssd-ad.5.xml:1354 sssd-krb5.5.xml:358 +#: sssd.conf.5.xml:138 sssd.conf.5.xml:175 sssd.conf.5.xml:337 +#: sssd.conf.5.xml:701 sssd.conf.5.xml:716 sssd.conf.5.xml:926 +#: sssd.conf.5.xml:1044 sssd.conf.5.xml:2172 sssd-ldap.5.xml:931 +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1188 sssd-ldap.5.xml:1257 +#: sssd-ldap.5.xml:1665 sssd-ldap.5.xml:1799 sssd-ldap.5.xml:1864 +#: sssd-ipa.5.xml:361 sssd-ad.5.xml:252 sssd-ad.5.xml:367 sssd-ad.5.xml:1204 +#: sssd-ad.5.xml:1371 sssd-krb5.5.xml:358 msgid "Default: true" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:144 +#: sssd.conf.5.xml:143 msgid "debug_microseconds (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:147 +#: sssd.conf.5.xml:146 msgid "" "Add microseconds to the timestamp in debug messages. If journald is enabled " "for SSSD debug logging this option is ignored." msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:152 sssd.conf.5.xml:636 sssd.conf.5.xml:920 -#: sssd.conf.5.xml:2072 sssd.conf.5.xml:2139 sssd.conf.5.xml:4231 -#: sssd-ldap.5.xml:313 sssd-ldap.5.xml:939 sssd-ldap.5.xml:1149 -#: sssd-ldap.5.xml:1603 sssd-ldap.5.xml:1877 sssd-ipa.5.xml:152 -#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:662 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 +#: sssd.conf.5.xml:151 sssd.conf.5.xml:639 sssd.conf.5.xml:923 +#: sssd.conf.5.xml:2075 sssd.conf.5.xml:2142 sssd.conf.5.xml:4234 +#: sssd-ldap.5.xml:324 sssd-ldap.5.xml:950 sssd-ldap.5.xml:1160 +#: sssd-ldap.5.xml:1614 sssd-ldap.5.xml:1888 sssd-ipa.5.xml:152 +#: sssd-ipa.5.xml:254 sssd-ipa.5.xml:726 sssd-ad.5.xml:1107 sssd-krb5.5.xml:268 #: sssd-krb5.5.xml:330 sssd-krb5.5.xml:432 include/krb5_options.xml:163 msgid "Default: false" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:157 +#: sssd.conf.5.xml:156 msgid "debug_backtrace_enabled (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:160 +#: sssd.conf.5.xml:159 msgid "Enable debug backtrace." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:163 +#: sssd.conf.5.xml:162 msgid "" "In case SSSD is run with debug_level less than 9, everything is logged to a " "ring buffer in memory and flushed to a log file on any error up to and " @@ -264,15 +264,15 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:172 +#: sssd.conf.5.xml:171 msgid "" "Feature is only supported for `logger == files` (i.e. setting doesn't have " "effect for other logger types)." msgstr "" #. type: Content of: outside any tag (error?) -#: sssd.conf.5.xml:112 sssd.conf.5.xml:187 sssd-ldap.5.xml:1694 -#: sssd-ldap.5.xml:1900 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 +#: sssd.conf.5.xml:111 sssd.conf.5.xml:186 sssd-ldap.5.xml:1705 +#: sssd-ldap.5.xml:1911 sss-certmap.5.xml:645 sssd-systemtap.5.xml:82 #: sssd-systemtap.5.xml:143 sssd-systemtap.5.xml:236 sssd-systemtap.5.xml:274 #: sssd-systemtap.5.xml:330 sssd-ldap-attributes.5.xml:40 #: sssd-ldap-attributes.5.xml:661 sssd-ldap-attributes.5.xml:803 @@ -284,17 +284,17 @@ msgid "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:185 +#: sssd.conf.5.xml:184 msgid "Options usable in SERVICE and DOMAIN sections" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:189 +#: sssd.conf.5.xml:188 msgid "timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:192 +#: sssd.conf.5.xml:191 msgid "" "Timeout in seconds between heartbeats for this service. This is used to " "ensure that the process is alive and capable of answering requests. Note " @@ -302,33 +302,33 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:199 sssd.conf.5.xml:1261 sssd.conf.5.xml:1738 -#: sssd.conf.5.xml:4247 sssd-ldap.5.xml:766 include/ldap_id_mapping.xml:270 +#: sssd.conf.5.xml:198 sssd.conf.5.xml:1264 sssd.conf.5.xml:1741 +#: sssd.conf.5.xml:4250 sssd-ldap.5.xml:777 include/ldap_id_mapping.xml:270 msgid "Default: 10" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:209 +#: sssd.conf.5.xml:208 msgid "SPECIAL SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:212 +#: sssd.conf.5.xml:211 msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><title> -#: sssd.conf.5.xml:221 +#: sssd.conf.5.xml:220 msgid "Section parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:223 +#: sssd.conf.5.xml:222 msgid "services" msgstr "服务" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:226 +#: sssd.conf.5.xml:225 msgid "" "Comma separated list of services that are started when sssd itself starts. " "<phrase condition=\"have_systemd\"> The services' list is optional on " @@ -337,7 +337,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:235 +#: sssd.conf.5.xml:234 msgid "" "Supported services: nss, pam, ifp <phrase condition=\"with_sudo\">, sudo</" "phrase> <phrase condition=\"with_autofs\">, autofs</phrase> <phrase " @@ -346,7 +346,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:242 +#: sssd.conf.5.xml:241 msgid "" "<phrase condition=\"have_systemd\"> By default, all services are disabled " "and the administrator must enable the ones allowed to be used by executing: " @@ -354,12 +354,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:251 +#: sssd.conf.5.xml:250 msgid "domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:254 +#: sssd.conf.5.xml:253 msgid "" "A domain is a database containing user information. SSSD can use more " "domains at the same time, but at least one must be configured or SSSD won't " @@ -370,19 +370,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:267 sssd.conf.5.xml:3535 +#: sssd.conf.5.xml:266 sssd.conf.5.xml:3538 msgid "re_expression (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:270 +#: sssd.conf.5.xml:269 msgid "" "Default regular expression that describes how to parse the string containing " "user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:275 +#: sssd.conf.5.xml:274 msgid "" "Each domain can have an individual regular expression configured. For some " "ID providers there are also default regular expressions. See DOMAIN SECTIONS " @@ -390,12 +390,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:284 sssd.conf.5.xml:3592 +#: sssd.conf.5.xml:283 sssd.conf.5.xml:3595 msgid "full_name_format (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:287 sssd.conf.5.xml:3595 +#: sssd.conf.5.xml:286 sssd.conf.5.xml:3598 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> <manvolnum>3</" "manvolnum> </citerefentry>-compatible format that describes how to compose a " @@ -403,70 +403,70 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:298 sssd.conf.5.xml:3606 +#: sssd.conf.5.xml:297 sssd.conf.5.xml:3609 msgid "%1$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:299 sssd.conf.5.xml:3607 +#: sssd.conf.5.xml:298 sssd.conf.5.xml:3610 msgid "user name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:302 sssd.conf.5.xml:3610 +#: sssd.conf.5.xml:301 sssd.conf.5.xml:3613 msgid "%2$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:305 sssd.conf.5.xml:3613 +#: sssd.conf.5.xml:304 sssd.conf.5.xml:3616 msgid "domain name as specified in the SSSD config file." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:311 sssd.conf.5.xml:3619 +#: sssd.conf.5.xml:310 sssd.conf.5.xml:3622 msgid "%3$s" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:314 sssd.conf.5.xml:3622 +#: sssd.conf.5.xml:313 sssd.conf.5.xml:3625 msgid "" "domain flat name. Mostly usable for Active Directory domains, both directly " "configured or discovered via IPA trusts." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:295 sssd.conf.5.xml:3603 +#: sssd.conf.5.xml:294 sssd.conf.5.xml:3606 msgid "" "The following expansions are supported: <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:324 +#: sssd.conf.5.xml:323 msgid "" "Each domain can have an individual format string configured. See DOMAIN " "SECTIONS for more info on this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:330 +#: sssd.conf.5.xml:329 msgid "monitor_resolv_conf (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:333 +#: sssd.conf.5.xml:332 msgid "" "Controls if SSSD should monitor the state of resolv.conf to identify when it " "needs to update its internal DNS resolver." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:343 +#: sssd.conf.5.xml:342 msgid "try_inotify (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:346 +#: sssd.conf.5.xml:345 msgid "" "By default, SSSD will attempt to use inotify to monitor configuration files " "changes and will fall back to polling every five seconds if inotify cannot " @@ -474,7 +474,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:352 +#: sssd.conf.5.xml:351 msgid "" "There are some limited situations where it is preferred that we should skip " "even trying to use inotify. In these rare cases, this option should be set " @@ -482,52 +482,52 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:358 +#: sssd.conf.5.xml:357 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:362 +#: sssd.conf.5.xml:361 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:369 +#: sssd.conf.5.xml:368 msgid "krb5_rcache_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:372 +#: sssd.conf.5.xml:371 msgid "" "Directory on the filesystem where SSSD should store Kerberos replay cache " "files." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:376 +#: sssd.conf.5.xml:375 msgid "" "This option accepts a special value __LIBKRB5_DEFAULTS__ that will instruct " "SSSD to let libkrb5 decide the appropriate location for the replay cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:382 +#: sssd.conf.5.xml:381 msgid "" "Default: Distribution-specific and specified at build-time. " "(__LIBKRB5_DEFAULTS__ if not configured)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:389 +#: sssd.conf.5.xml:388 msgid "user (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:392 +#: sssd.conf.5.xml:391 msgid "" "A legacy (deprecated) method to configure the user to drop the privileges to " "where appropriate to avoid running as the root user. The only supported " @@ -535,14 +535,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:399 +#: sssd.conf.5.xml:398 msgid "" "This option is ignored if main SSSD process is started under non-root user " "initially (preferred method)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:404 +#: sssd.conf.5.xml:403 msgid "" "This option doesn't apply to socket activated services, as in this case the " "user to run the processes is configured in systemd service files. Keep in " @@ -552,17 +552,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:415 +#: sssd.conf.5.xml:414 msgid "Default: not set, process will run as root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:420 +#: sssd.conf.5.xml:419 msgid "default_domain_suffix (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:423 +#: sssd.conf.5.xml:422 +msgid "" +"Please note that this option is deprecated and domain_resolution_order " +"should be used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:426 msgid "" "This string will be used as a default domain name for all names without a " "domain name component. The main use case is environments where the primary " @@ -572,7 +579,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:433 +#: sssd.conf.5.xml:436 msgid "" "Please note that if this option is set all users from the primary domain " "have to use their fully qualified name, e.g. user@domain.name, to log in. " @@ -585,8 +592,8 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 sssd-ldap.5.xml:878 sssd-ldap.5.xml:890 -#: sssd-ldap.5.xml:983 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 +#: sssd.conf.5.xml:453 sssd-ldap.5.xml:889 sssd-ldap.5.xml:901 +#: sssd-ldap.5.xml:994 sssd-ad.5.xml:921 sssd-ad.5.xml:996 sssd-krb5.5.xml:468 #: sssd-ldap-attributes.5.xml:470 sssd-ldap-attributes.5.xml:978 #: include/ldap_id_mapping.xml:211 include/ldap_id_mapping.xml:222 #: include/krb5_options.xml:148 @@ -594,12 +601,12 @@ msgid "Default: not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#: sssd.conf.5.xml:458 msgid "override_space (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#: sssd.conf.5.xml:461 msgid "" "This parameter will replace spaces (space bar) with the given character for " "user and group names. e.g. (_). User name "john doe" will be " @@ -609,7 +616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#: sssd.conf.5.xml:470 msgid "" "Please note it is a configuration error to use a replacement character that " "might be used in user or group names. If a name contains the replacement " @@ -618,22 +625,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:475 +#: sssd.conf.5.xml:478 msgid "Default: not set (spaces will not be replaced)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:480 +#: sssd.conf.5.xml:483 msgid "certificate_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:491 msgid "no_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:490 +#: sssd.conf.5.xml:493 msgid "" "Disables Online Certificate Status Protocol (OCSP) checks. This might be " "needed if the OCSP servers defined in the certificate are not reachable from " @@ -641,12 +648,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:498 +#: sssd.conf.5.xml:501 msgid "soft_ocsp" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:503 msgid "" "If a connection cannot be established to an OCSP responder the OCSP check is " "skipped. This option should be used to allow authentication when the system " @@ -654,61 +661,61 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:510 +#: sssd.conf.5.xml:513 msgid "ocsp_dgst" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:512 +#: sssd.conf.5.xml:515 msgid "" "Digest (hash) function used to create the certificate ID for the OCSP " "request. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:519 msgid "sha1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:517 +#: sssd.conf.5.xml:520 msgid "sha256" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:518 +#: sssd.conf.5.xml:521 msgid "sha384" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:519 +#: sssd.conf.5.xml:522 msgid "sha512" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:522 +#: sssd.conf.5.xml:525 msgid "Default: sha1 (to allow compatibility with RFC5019-compliant responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:528 +#: sssd.conf.5.xml:531 msgid "no_verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#: sssd.conf.5.xml:533 msgid "" "Disables verification completely. This option should only be used for " "testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:536 +#: sssd.conf.5.xml:539 msgid "partial_chain" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:538 +#: sssd.conf.5.xml:541 msgid "" "Allow verification to succeed even if a <replaceable>complete</replaceable> " "chain cannot be built to a self-signed trust-anchor, provided it is possible " @@ -716,12 +723,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:547 +#: sssd.conf.5.xml:550 msgid "ocsp_default_responder=URL" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:549 +#: sssd.conf.5.xml:552 msgid "" "Sets the OCSP default responder which should be used instead of the one " "mentioned in the certificate. URL must be replaced with the URL of the OCSP " @@ -729,24 +736,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:559 +#: sssd.conf.5.xml:562 msgid "ocsp_default_responder_signing_cert=NAME" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#: sssd.conf.5.xml:564 msgid "" "This option is currently ignored. All needed certificates must be available " "in the PEM file given by pam_cert_db_path." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:569 +#: sssd.conf.5.xml:572 msgid "crl_file=/PATH/TO/CRL/FILE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:571 +#: sssd.conf.5.xml:574 msgid "" "Use the Certificate Revocation List (CRL) from the given file during the " "verification of the certificate. The CRL must be given in PEM format, see " @@ -755,12 +762,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:584 +#: sssd.conf.5.xml:587 msgid "soft_crl" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:590 msgid "" "If a Certificate Revocation List (CRL) is expired ignore the expiration " "time of the CRL and check the related certificates with the expired CRL. " @@ -769,7 +776,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:486 msgid "" "With this parameter the certificate verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -777,58 +784,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:603 msgid "Unknown options are reported but ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:606 msgid "Default: not set, i.e. do not restrict certificate verification" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:609 +#: sssd.conf.5.xml:612 msgid "disable_netlink (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#: sssd.conf.5.xml:615 msgid "" "SSSD hooks into the netlink interface to monitor changes to routes, " "addresses, links and trigger certain actions." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:617 +#: sssd.conf.5.xml:620 msgid "" "The SSSD state changes caused by netlink events may be undesirable and can " "be disabled by setting this option to 'true'" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:622 +#: sssd.conf.5.xml:625 msgid "Default: false (netlink changes are detected)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:627 +#: sssd.conf.5.xml:630 msgid "enable_files_domain (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:630 +#: sssd.conf.5.xml:633 msgid "" "When this option is enabled, SSSD prepends an implicit domain with " "<quote>id_provider=files</quote> before any explicitly configured domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:644 msgid "domain_resolution_order" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:644 +#: sssd.conf.5.xml:647 msgid "" "Comma separated list of domains and subdomains representing the lookup order " "that will be followed. The list doesn't have to include all possible " @@ -839,7 +846,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:656 +#: sssd.conf.5.xml:659 msgid "" "Please, note that when this option is set the output format of all commands " "is always fully-qualified even when using short names for input <phrase " @@ -857,18 +864,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:684 sssd.conf.5.xml:1762 sssd.conf.5.xml:4297 +#: sssd.conf.5.xml:687 sssd.conf.5.xml:1765 sssd.conf.5.xml:4300 #: sssd-ad.5.xml:187 sssd-ad.5.xml:328 sssd-ad.5.xml:342 msgid "Default: Not set" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:689 +#: sssd.conf.5.xml:692 msgid "implicit_pac_responder (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:692 +#: sssd.conf.5.xml:695 msgid "" "The PAC responder is enabled automatically for the IPA and AD provider to " "evaluate and check the PAC. If it has to be disabled set this option to " @@ -876,12 +883,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:703 +#: sssd.conf.5.xml:706 msgid "core_dumpable (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:706 +#: sssd.conf.5.xml:709 msgid "" "This option can be used for general system hardening: setting it to 'false' " "forbids core dumps for all SSSD processes to avoid leaking plain text " @@ -889,24 +896,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:718 +#: sssd.conf.5.xml:721 msgid "passkey_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:726 +#: sssd.conf.5.xml:729 msgid "user_verification (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:728 +#: sssd.conf.5.xml:731 msgid "" "Enable or disable the user verification (i.e. PIN, fingerprint) during " "authentication. If enabled, the PIN will always be requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:734 +#: sssd.conf.5.xml:737 msgid "" "The default is that the key settings decide what to do. In the IPA or " "kerberos pre-authentication case, this value will be overwritten by the " @@ -914,7 +921,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#: sssd.conf.5.xml:724 msgid "" "With this parameter the passkey verification can be tuned with a comma " "separated list of options. Supported options are: <placeholder " @@ -922,7 +929,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:214 +#: sssd.conf.5.xml:213 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " @@ -933,12 +940,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:756 msgid "SERVICES SECTIONS" msgstr "服务部分" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:755 +#: sssd.conf.5.xml:758 msgid "" "Settings that can be used to configure different services are described in " "this section. They should reside in the [<replaceable>$NAME</replaceable>] " @@ -947,22 +954,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:762 +#: sssd.conf.5.xml:765 msgid "General service configuration options" msgstr "基本服务配置选项" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:764 +#: sssd.conf.5.xml:767 msgid "These options can be used to configure any service." msgstr "这些选项可被用于配置任何服务。" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:771 msgid "fd_limit" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:771 +#: sssd.conf.5.xml:774 msgid "" "This option specifies the maximum number of file descriptors that may be " "opened at one time by this SSSD process. On systems where SSSD is granted " @@ -972,17 +979,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:780 +#: sssd.conf.5.xml:783 msgid "Default: 8192 (or limits.conf \"hard\" limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:785 +#: sssd.conf.5.xml:788 msgid "client_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:788 +#: sssd.conf.5.xml:791 msgid "" "This option specifies the number of seconds that a client of an SSSD process " "can hold onto a file descriptor without communicating on it. This value is " @@ -992,19 +999,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:797 +#: sssd.conf.5.xml:800 #, fuzzy #| msgid "Default: 3" msgid "Default: 60, KCM: 300" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:802 +#: sssd.conf.5.xml:805 msgid "offline_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:805 +#: sssd.conf.5.xml:808 msgid "" "When SSSD switches to offline mode the amount of time before it tries to go " "back online will increase based upon the time spent disconnected. By " @@ -1015,14 +1022,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:816 sssd.conf.5.xml:872 +#: sssd.conf.5.xml:819 sssd.conf.5.xml:875 msgid "" "new_delay = Minimum(old_delay * 2, offline_timeout_max) + random[0..." "offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:819 +#: sssd.conf.5.xml:822 msgid "" "The offline_timeout default value is 60. The offline_timeout_max default " "value is 3600. The offline_timeout_random_offset default value is 30. The " @@ -1030,44 +1037,44 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:825 +#: sssd.conf.5.xml:828 msgid "" "Note that the maximum length of each interval is defined by " "offline_timeout_max (apart of random part)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 sssd.conf.5.xml:1172 sssd.conf.5.xml:1555 -#: sssd.conf.5.xml:1851 sssd-ldap.5.xml:495 +#: sssd.conf.5.xml:832 sssd.conf.5.xml:1175 sssd.conf.5.xml:1558 +#: sssd.conf.5.xml:1854 sssd-ldap.5.xml:506 msgid "Default: 60" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:834 +#: sssd.conf.5.xml:837 msgid "offline_timeout_max (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:837 +#: sssd.conf.5.xml:840 msgid "" "Controls by how much the time between attempts to go online can be " "incremented following unsuccessful attempts to go online." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:842 +#: sssd.conf.5.xml:845 msgid "A value of 0 disables the incrementing behaviour." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:845 +#: sssd.conf.5.xml:848 msgid "" "The value of this parameter should be set in correlation to offline_timeout " "parameter value." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:849 +#: sssd.conf.5.xml:852 msgid "" "With offline_timeout set to 60 (default value) there is no point in setting " "offlinet_timeout_max to less than 120 as it will saturate instantly. General " @@ -1076,62 +1083,62 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:858 msgid "" "Although a value between 0 and offline_timeout may be specified, it has the " "effect of overriding the offline_timeout value so is of little use." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:863 #, fuzzy #| msgid "Default: 3" msgid "Default: 3600" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:865 +#: sssd.conf.5.xml:868 msgid "offline_timeout_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:871 msgid "" "When SSSD is in offline mode it keeps probing backend servers in specified " "time intervals:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:878 msgid "" "This parameter controls the value of the random offset used for the above " "equation. Final random_offset value will be random number in range:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:880 +#: sssd.conf.5.xml:883 msgid "[0 - offline_timeout_random_offset]" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:883 +#: sssd.conf.5.xml:886 msgid "A value of 0 disables the random offset addition." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:886 +#: sssd.conf.5.xml:889 #, fuzzy #| msgid "Default: 3" msgid "Default: 30" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:894 msgid "responder_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 +#: sssd.conf.5.xml:897 msgid "" "This option specifies the number of seconds that an SSSD responder process " "can be up without being used. This value is limited in order to avoid " @@ -1143,58 +1150,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:908 sssd.conf.5.xml:1185 sssd.conf.5.xml:2304 -#: sssd-ldap.5.xml:332 +#: sssd.conf.5.xml:911 sssd.conf.5.xml:1188 sssd.conf.5.xml:2307 +#: sssd-ldap.5.xml:343 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:913 +#: sssd.conf.5.xml:916 msgid "cache_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:916 +#: sssd.conf.5.xml:919 msgid "" "This option specifies whether the responder should query all caches before " "querying the Data Providers." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:931 +#: sssd.conf.5.xml:934 msgid "NSS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:933 +#: sssd.conf.5.xml:936 msgid "" "These options can be used to configure the Name Service Switch (NSS) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:938 +#: sssd.conf.5.xml:941 msgid "enum_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:941 +#: sssd.conf.5.xml:944 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:945 +#: sssd.conf.5.xml:948 msgid "Default: 120" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:950 +#: sssd.conf.5.xml:953 msgid "entry_cache_nowait_percentage (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:953 +#: sssd.conf.5.xml:956 msgid "" "The entry cache can be set to automatically update entries in the background " "if they are requested beyond a percentage of the entry_cache_timeout value " @@ -1202,7 +1209,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:959 +#: sssd.conf.5.xml:962 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " "entry_cache_nowait_percentage is set to 50 (percent), entries that come in " @@ -1212,7 +1219,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:969 +#: sssd.conf.5.xml:972 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " "entry_cache_timeout for each domain. For performance reasons, this " @@ -1221,17 +1228,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:977 sssd.conf.5.xml:2093 +#: sssd.conf.5.xml:980 sssd.conf.5.xml:2096 msgid "Default: 50" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:982 +#: sssd.conf.5.xml:985 msgid "entry_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:985 +#: sssd.conf.5.xml:988 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " "(that is, queries for invalid database entries, like nonexistent ones) " @@ -1239,17 +1246,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 sssd.conf.5.xml:1750 sssd.conf.5.xml:2117 +#: sssd.conf.5.xml:994 sssd.conf.5.xml:1753 sssd.conf.5.xml:2120 msgid "Default: 15" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:996 +#: sssd.conf.5.xml:999 msgid "local_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:999 +#: sssd.conf.5.xml:1002 msgid "" "Specifies for how many seconds nss_sss should keep local users and groups in " "negative cache before trying to look it up in the back end again. Setting " @@ -1257,17 +1264,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1005 +#: sssd.conf.5.xml:1008 msgid "Default: 14400 (4 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1010 +#: sssd.conf.5.xml:1013 msgid "filter_users, filter_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1013 +#: sssd.conf.5.xml:1016 msgid "" "Exclude certain users or groups from being fetched from the sss NSS " "database. This is particularly useful for system accounts. This option can " @@ -1276,7 +1283,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1021 +#: sssd.conf.5.xml:1024 msgid "" "NOTE: The filter_groups option doesn't affect inheritance of nested group " "members, since filtering happens after they are propagated for returning via " @@ -1285,41 +1292,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1029 +#: sssd.conf.5.xml:1032 msgid "Default: root" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1034 +#: sssd.conf.5.xml:1037 msgid "filter_users_in_groups (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1037 +#: sssd.conf.5.xml:1040 msgid "" "If you want filtered user still be group members set this option to false." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1048 +#: sssd.conf.5.xml:1051 msgid "fallback_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1051 +#: sssd.conf.5.xml:1054 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1059 msgid "" "The available values for this option are the same as for override_homedir." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1062 +#: sssd.conf.5.xml:1065 #, no-wrap msgid "" "fallback_homedir = /home/%u\n" @@ -1327,23 +1334,23 @@ msgid "" msgstr "" #. type: Content of: <varlistentry><listitem><para> -#: sssd.conf.5.xml:1060 sssd.conf.5.xml:1622 sssd.conf.5.xml:1641 -#: sssd.conf.5.xml:1718 sssd-krb5.5.xml:451 include/override_homedir.xml:66 +#: sssd.conf.5.xml:1063 sssd.conf.5.xml:1625 sssd.conf.5.xml:1644 +#: sssd.conf.5.xml:1721 sssd-krb5.5.xml:451 include/override_homedir.xml:66 msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 +#: sssd.conf.5.xml:1069 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1072 +#: sssd.conf.5.xml:1075 msgid "override_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1075 +#: sssd.conf.5.xml:1078 msgid "" "Override the login shell for all users. This option supersedes any other " "shell options if it takes effect and can be set either in the [nss] section " @@ -1351,47 +1358,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1084 msgid "Default: not set (SSSD will use the value retrieved from LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1087 +#: sssd.conf.5.xml:1090 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1090 +#: sssd.conf.5.xml:1093 msgid "" "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1093 +#: sssd.conf.5.xml:1096 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1097 +#: sssd.conf.5.xml:1100 msgid "" "2. If the shell is in the allowed_shells list but not in <quote>/etc/shells</" "quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1105 msgid "" "3. If the shell is not in the allowed_shells list and not in <quote>/etc/" "shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1107 +#: sssd.conf.5.xml:1110 msgid "The wildcard (*) can be used to allow any shell." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1110 +#: sssd.conf.5.xml:1113 msgid "" "The (*) is useful if you want to use shell_fallback in case that user's " "shell is not in <quote>/etc/shells</quote> and maintaining list of all " @@ -1399,113 +1406,113 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1117 +#: sssd.conf.5.xml:1120 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1123 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1124 +#: sssd.conf.5.xml:1127 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1129 +#: sssd.conf.5.xml:1132 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1135 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1137 +#: sssd.conf.5.xml:1140 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1140 +#: sssd.conf.5.xml:1143 msgid "" "The default shell to use if an allowed shell is not installed on the machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1147 msgid "Default: /bin/sh" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1149 +#: sssd.conf.5.xml:1152 msgid "default_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1152 +#: sssd.conf.5.xml:1155 msgid "" "The default shell to use if the provider does not return one during lookup. " "This option can be specified globally in the [nss] section or per-domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1158 +#: sssd.conf.5.xml:1161 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1165 sssd.conf.5.xml:1548 +#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1168 sssd.conf.5.xml:1551 +#: sssd.conf.5.xml:1171 sssd.conf.5.xml:1554 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1177 +#: sssd.conf.5.xml:1180 msgid "memcache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1180 +#: sssd.conf.5.xml:1183 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid. Setting this option to zero will disable the in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1188 +#: sssd.conf.5.xml:1191 msgid "" "WARNING: Disabling the in-memory cache will have significant negative impact " "on SSSD's performance and should only be used for testing." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1194 sssd.conf.5.xml:1219 sssd.conf.5.xml:1244 -#: sssd.conf.5.xml:1269 sssd.conf.5.xml:1296 +#: sssd.conf.5.xml:1197 sssd.conf.5.xml:1222 sssd.conf.5.xml:1247 +#: sssd.conf.5.xml:1272 sssd.conf.5.xml:1299 msgid "" "NOTE: If the environment variable SSS_NSS_USE_MEMCACHE is set to \"NO\", " "client applications will not use the fast in-memory cache." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1202 +#: sssd.conf.5.xml:1205 msgid "memcache_size_passwd (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1208 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for passwd requests. Setting the size to 0 will disable the passwd in-" @@ -1513,25 +1520,25 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 sssd.conf.5.xml:2963 sssd-ldap.5.xml:549 +#: sssd.conf.5.xml:1214 sssd.conf.5.xml:2966 sssd-ldap.5.xml:560 msgid "Default: 8" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1214 sssd.conf.5.xml:1239 sssd.conf.5.xml:1264 -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1217 sssd.conf.5.xml:1242 sssd.conf.5.xml:1267 +#: sssd.conf.5.xml:1294 msgid "" "WARNING: Disabled or too small in-memory cache can have significant negative " "impact on SSSD's performance." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1227 +#: sssd.conf.5.xml:1230 msgid "memcache_size_group (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1230 +#: sssd.conf.5.xml:1233 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for group requests. Setting the size to 0 will disable the group in-memory " @@ -1539,19 +1546,19 @@ msgid "" msgstr "" #. type: Content of: <variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1236 sssd.conf.5.xml:1288 sssd.conf.5.xml:3724 -#: sssd-ldap.5.xml:474 sssd-ldap.5.xml:526 include/failover.xml:116 +#: sssd.conf.5.xml:1239 sssd.conf.5.xml:1291 sssd.conf.5.xml:3727 +#: sssd-ldap.5.xml:485 sssd-ldap.5.xml:537 include/failover.xml:116 #: include/krb5_options.xml:11 msgid "Default: 6" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1252 +#: sssd.conf.5.xml:1255 msgid "memcache_size_initgroups (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1255 +#: sssd.conf.5.xml:1258 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for initgroups requests. Setting the size to 0 will disable the initgroups " @@ -1559,12 +1566,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1277 +#: sssd.conf.5.xml:1280 msgid "memcache_size_sid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1280 +#: sssd.conf.5.xml:1283 msgid "" "Size (in megabytes) of the data table allocated inside fast in-memory cache " "for SID related requests. Only SID-by-ID and ID-by-SID requests are " @@ -1573,12 +1580,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1304 sssd-ifp.5.xml:90 +#: sssd.conf.5.xml:1307 sssd-ifp.5.xml:90 msgid "user_attributes (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1307 +#: sssd.conf.5.xml:1310 msgid "" "Some of the additional NSS responder requests can return more attributes " "than just the POSIX ones defined by the NSS interface. The list of " @@ -1589,43 +1596,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1320 +#: sssd.conf.5.xml:1323 msgid "" "To make configuration more easy the NSS responder will check the InfoPipe " "option if it is not set for the NSS responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1325 +#: sssd.conf.5.xml:1328 msgid "Default: not set, fallback to InfoPipe option" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1330 +#: sssd.conf.5.xml:1333 msgid "pwfield (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1333 +#: sssd.conf.5.xml:1336 msgid "" "The value that NSS operations that return users or groups will return for " "the <quote>password</quote> field." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1338 +#: sssd.conf.5.xml:1341 msgid "Default: <quote>*</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:1344 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[nss] section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1345 +#: sssd.conf.5.xml:1348 msgid "" "Default: <quote>not set</quote> (remote domains), <phrase " "condition=\"with_files_provider\"> <quote>x</quote> (the files domain), </" @@ -1634,60 +1641,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1357 +#: sssd.conf.5.xml:1360 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1359 +#: sssd.conf.5.xml:1362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1364 +#: sssd.conf.5.xml:1367 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:1370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1372 sssd.conf.5.xml:1385 +#: sssd.conf.5.xml:1375 sssd.conf.5.xml:1388 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1381 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1381 +#: sssd.conf.5.xml:1384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1394 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1399 +#: sssd.conf.5.xml:1402 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -1695,59 +1702,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1405 sssd.conf.5.xml:1515 +#: sssd.conf.5.xml:1408 sssd.conf.5.xml:1518 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1411 +#: sssd.conf.5.xml:1414 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1414 +#: sssd.conf.5.xml:1417 msgid "" "Controls what kind of messages are shown to the user during authentication. " "The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1419 +#: sssd.conf.5.xml:1422 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1422 +#: sssd.conf.5.xml:1425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1425 +#: sssd.conf.5.xml:1428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1429 +#: sssd.conf.5.xml:1432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1432 +#: sssd.conf.5.xml:1435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1436 sssd.8.xml:63 +#: sssd.conf.5.xml:1439 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1442 +#: sssd.conf.5.xml:1445 msgid "pam_response_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1445 +#: sssd.conf.5.xml:1448 msgid "" "A comma separated list of strings which allows to remove (filter) data sent " "by the PAM responder to pam_sss PAM module. There are different kind of " @@ -1756,51 +1763,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1453 +#: sssd.conf.5.xml:1456 msgid "" "While messages already can be controlled with the help of the pam_verbosity " "option this option allows to filter out other kind of responses as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1460 +#: sssd.conf.5.xml:1463 msgid "ENV" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1461 +#: sssd.conf.5.xml:1464 msgid "Do not send any environment variables to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1464 +#: sssd.conf.5.xml:1467 msgid "ENV:var_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1465 +#: sssd.conf.5.xml:1468 msgid "Do not send environment variable var_name to any service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1469 +#: sssd.conf.5.xml:1472 msgid "ENV:var_name:service" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1470 +#: sssd.conf.5.xml:1473 msgid "Do not send environment variable var_name to service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1458 +#: sssd.conf.5.xml:1461 msgid "" "Currently the following filters are supported: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1477 +#: sssd.conf.5.xml:1480 msgid "" "The list of strings can either be the list of filters which would set this " "list of filters and overwrite the defaults. Or each element of the list can " @@ -1811,23 +1818,23 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1491 msgid "Default: ENV:KRB5CCNAME:sudo, ENV:KRB5CCNAME:sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1491 +#: sssd.conf.5.xml:1494 msgid "" "Example: -ENV:KRB5CCNAME:sudo-i will remove the filter from the default list" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1498 +#: sssd.conf.5.xml:1501 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1501 +#: sssd.conf.5.xml:1504 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -1835,7 +1842,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1510 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a per-" @@ -1844,17 +1851,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1524 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1524 sssd.conf.5.xml:2987 +#: sssd.conf.5.xml:1527 sssd.conf.5.xml:2990 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1527 +#: sssd.conf.5.xml:1530 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1862,32 +1869,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1533 sssd.conf.5.xml:2990 +#: sssd.conf.5.xml:1536 sssd.conf.5.xml:2993 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1538 +#: sssd.conf.5.xml:1541 msgid "" "This setting can be overridden by setting <emphasis>pwd_expiration_warning</" "emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1543 sssd.conf.5.xml:3990 sssd-ldap.5.xml:607 -#: sssd-ldap.5.xml:1673 sssd.8.xml:79 +#: sssd.conf.5.xml:1546 sssd.conf.5.xml:3993 sssd-ldap.5.xml:618 +#: sssd-ldap.5.xml:1684 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1560 +#: sssd.conf.5.xml:1563 msgid "pam_trusted_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1563 +#: sssd.conf.5.xml:1566 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to run PAM conversations against trusted domains. Users not " @@ -1897,75 +1904,75 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1573 +#: sssd.conf.5.xml:1576 msgid "Default: All users are considered trusted by default" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1577 +#: sssd.conf.5.xml:1580 msgid "" "Please note that UID 0 is always allowed to access the PAM responder even in " "case it is not in the pam_trusted_users list." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1584 +#: sssd.conf.5.xml:1587 msgid "pam_public_domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1587 +#: sssd.conf.5.xml:1590 msgid "" "Specifies the comma-separated list of domain names that are accessible even " "to untrusted users." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1594 msgid "Two special values for pam_public_domains option are defined:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1595 +#: sssd.conf.5.xml:1598 msgid "" "all (Untrusted users are allowed to access all domains in PAM responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1599 +#: sssd.conf.5.xml:1602 msgid "" "none (Untrusted users are not allowed to access any domains PAM in " "responder.)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1603 sssd.conf.5.xml:1628 sssd.conf.5.xml:1647 -#: sssd.conf.5.xml:1884 sssd.conf.5.xml:2725 sssd.conf.5.xml:3919 -#: sssd-ldap.5.xml:1210 +#: sssd.conf.5.xml:1606 sssd.conf.5.xml:1631 sssd.conf.5.xml:1650 +#: sssd.conf.5.xml:1887 sssd.conf.5.xml:2728 sssd.conf.5.xml:3922 +#: sssd-ldap.5.xml:1221 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1608 +#: sssd.conf.5.xml:1611 msgid "pam_account_expired_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1611 +#: sssd.conf.5.xml:1614 msgid "" "Allows a custom expiration message to be set, replacing the default " "'Permission denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1616 +#: sssd.conf.5.xml:1619 msgid "" "Note: Please be aware that message is only printed for the SSH service " "unless pam_verbosity is set to 3 (show all messages and debug information)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1624 +#: sssd.conf.5.xml:1627 #, no-wrap msgid "" "pam_account_expired_message = Account expired, please contact help desk.\n" @@ -1973,19 +1980,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1633 +#: sssd.conf.5.xml:1636 msgid "pam_account_locked_message (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1636 +#: sssd.conf.5.xml:1639 msgid "" "Allows a custom lockout message to be set, replacing the default 'Permission " "denied' message." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1646 #, no-wrap msgid "" "pam_account_locked_message = Account locked, please contact help desk.\n" @@ -1993,46 +2000,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1652 +#: sssd.conf.5.xml:1655 msgid "pam_passkey_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1655 +#: sssd.conf.5.xml:1658 msgid "Enable passkey device based authentication." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1658 sssd.conf.5.xml:1970 sssd-ad.5.xml:1272 +#: sssd.conf.5.xml:1661 sssd.conf.5.xml:1973 sssd-ad.5.xml:1275 #: sss_rpcidmapd.5.xml:76 sssd-files.5.xml:145 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1663 +#: sssd.conf.5.xml:1666 msgid "passkey_debug_libfido2 (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1666 +#: sssd.conf.5.xml:1669 msgid "Enable libfido2 library debug messages." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1669 sssd.conf.5.xml:1683 sssd-ldap.5.xml:672 -#: sssd-ldap.5.xml:693 sssd-ldap.5.xml:789 sssd-ldap.5.xml:1296 -#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1176 +#: sssd.conf.5.xml:1672 sssd.conf.5.xml:1686 sssd-ldap.5.xml:683 +#: sssd-ldap.5.xml:704 sssd-ldap.5.xml:800 sssd-ldap.5.xml:1307 +#: sssd-ad.5.xml:506 sssd-ad.5.xml:582 sssd-ad.5.xml:1127 sssd-ad.5.xml:1179 #: include/ldap_id_mapping.xml:250 msgid "Default: False" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1674 +#: sssd.conf.5.xml:1677 msgid "pam_cert_auth (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1677 +#: sssd.conf.5.xml:1680 msgid "" "Enable certificate based Smartcard authentication. Since this requires " "additional communication with the Smartcard which will delay the " @@ -2040,34 +2047,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1688 +#: sssd.conf.5.xml:1691 msgid "pam_cert_db_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1691 +#: sssd.conf.5.xml:1694 msgid "The path to the certificate database." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1694 sssd.conf.5.xml:2219 sssd.conf.5.xml:4411 +#: sssd.conf.5.xml:1697 sssd.conf.5.xml:2222 sssd.conf.5.xml:4414 msgid "Default:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1696 sssd.conf.5.xml:2221 +#: sssd.conf.5.xml:1699 sssd.conf.5.xml:2224 msgid "" "/etc/sssd/pki/sssd_auth_ca_db.pem (path to a file with trusted CA " "certificates in PEM format)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1706 +#: sssd.conf.5.xml:1709 msgid "pam_cert_verification (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1709 +#: sssd.conf.5.xml:1712 msgid "" "With this parameter the PAM certificate verification can be tuned with a " "comma separated list of options that override the " @@ -2077,7 +2084,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1720 +#: sssd.conf.5.xml:1723 #, no-wrap msgid "" "pam_cert_verification = partial_chain\n" @@ -2085,59 +2092,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1724 +#: sssd.conf.5.xml:1727 msgid "" "Default: not set, i.e. use default <quote>certificate_verification</quote> " "option defined in <quote>[sssd]</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1731 +#: sssd.conf.5.xml:1734 msgid "p11_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1734 +#: sssd.conf.5.xml:1737 msgid "How many seconds will pam_sss wait for p11_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1743 +#: sssd.conf.5.xml:1746 msgid "passkey_child_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1746 +#: sssd.conf.5.xml:1749 msgid "" "How many seconds will the PAM responder wait for passkey_child to finish." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1755 +#: sssd.conf.5.xml:1758 msgid "pam_app_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1758 +#: sssd.conf.5.xml:1761 msgid "" "Which PAM services are permitted to contact domains of type " "<quote>application</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1767 +#: sssd.conf.5.xml:1770 msgid "pam_p11_allowed_services (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1770 +#: sssd.conf.5.xml:1773 msgid "" "A comma-separated list of PAM service names for which it will be allowed to " "use Smartcards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1785 +#: sssd.conf.5.xml:1788 #, no-wrap msgid "" "pam_p11_allowed_services = +my_pam_service, -login\n" @@ -2145,7 +2152,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1774 +#: sssd.conf.5.xml:1777 msgid "" "It is possible to add another PAM service name to the default set by using " "<quote>+service_name</quote> or to explicitly remove a PAM service name from " @@ -2157,63 +2164,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1789 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 +#: sssd.conf.5.xml:1792 sssd-ad.5.xml:645 sssd-ad.5.xml:754 sssd-ad.5.xml:812 #: sssd-ad.5.xml:870 sssd-ad.5.xml:948 msgid "Default: the default set of PAM service names includes:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1794 sssd-ad.5.xml:649 +#: sssd.conf.5.xml:1797 sssd-ad.5.xml:649 msgid "login" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1799 sssd-ad.5.xml:654 +#: sssd.conf.5.xml:1802 sssd-ad.5.xml:654 msgid "su" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1804 sssd-ad.5.xml:659 +#: sssd.conf.5.xml:1807 sssd-ad.5.xml:659 msgid "su-l" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1809 sssd-ad.5.xml:674 +#: sssd.conf.5.xml:1812 sssd-ad.5.xml:674 msgid "gdm-smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1814 sssd-ad.5.xml:669 +#: sssd.conf.5.xml:1817 sssd-ad.5.xml:669 msgid "gdm-password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1819 sssd-ad.5.xml:679 +#: sssd.conf.5.xml:1822 sssd-ad.5.xml:679 msgid "kdm" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1824 sssd-ad.5.xml:957 +#: sssd.conf.5.xml:1827 sssd-ad.5.xml:957 msgid "sudo" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1829 sssd-ad.5.xml:962 +#: sssd.conf.5.xml:1832 sssd-ad.5.xml:962 msgid "sudo-i" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:1834 +#: sssd.conf.5.xml:1837 msgid "gnome-screensaver" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1842 +#: sssd.conf.5.xml:1845 msgid "p11_wait_for_card_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1845 +#: sssd.conf.5.xml:1848 msgid "" "If Smartcard authentication is required how many extra seconds in addition " "to p11_child_timeout should the PAM responder wait until a Smartcard is " @@ -2221,12 +2228,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1856 +#: sssd.conf.5.xml:1859 msgid "p11_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1859 +#: sssd.conf.5.xml:1862 msgid "" "PKCS#11 URI (see RFC-7512 for details) which can be used to restrict the " "selection of devices used for Smartcard authentication. By default SSSD's " @@ -2237,7 +2244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1872 +#: sssd.conf.5.xml:1875 #, no-wrap msgid "" "p11_uri = pkcs11:slot-description=My%20Smartcard%20Reader\n" @@ -2245,7 +2252,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1876 +#: sssd.conf.5.xml:1879 #, no-wrap msgid "" "p11_uri = pkcs11:library-description=OpenSC%20smartcard%20framework;slot-id=2\n" @@ -2253,7 +2260,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1870 +#: sssd.conf.5.xml:1873 msgid "" "Example: <placeholder type=\"programlisting\" id=\"0\"/> or <placeholder " "type=\"programlisting\" id=\"1\"/> To find suitable URI please check the " @@ -2262,47 +2269,47 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1889 +#: sssd.conf.5.xml:1892 msgid "pam_initgroups_scheme" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1897 +#: sssd.conf.5.xml:1900 msgid "always" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1898 +#: sssd.conf.5.xml:1901 msgid "" "Always do an online lookup, please note that pam_id_timeout still applies" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1902 +#: sssd.conf.5.xml:1905 msgid "no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1903 +#: sssd.conf.5.xml:1906 msgid "" "Only do an online lookup if there is no active session of the user, i.e. if " "the user is currently not logged in" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1908 +#: sssd.conf.5.xml:1911 msgid "never" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1909 +#: sssd.conf.5.xml:1912 msgid "" "Never force an online lookup, use the data from the cache as long as they " "are not expired" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1892 +#: sssd.conf.5.xml:1895 msgid "" "The PAM responder can force an online lookup to get the current group " "memberships of the user trying to log in. This option controls when this " @@ -2311,30 +2318,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1916 +#: sssd.conf.5.xml:1919 msgid "Default: no_session" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1921 sssd.conf.5.xml:4350 +#: sssd.conf.5.xml:1924 sssd.conf.5.xml:4353 msgid "pam_gssapi_services" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1924 +#: sssd.conf.5.xml:1927 msgid "" "Comma separated list of PAM services that are allowed to try GSSAPI " "authentication using pam_sss_gss.so module." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1929 +#: sssd.conf.5.xml:1932 msgid "" "To disable GSSAPI authentication, set this option to <quote>-</quote> (dash)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1933 sssd.conf.5.xml:1964 sssd.conf.5.xml:2002 +#: sssd.conf.5.xml:1936 sssd.conf.5.xml:1967 sssd.conf.5.xml:2005 msgid "" "Note: This option can also be set per-domain which overwrites the value in " "[pam] section. It can also be set for trusted domain which overwrites the " @@ -2342,7 +2349,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:1941 +#: sssd.conf.5.xml:1944 #, no-wrap msgid "" "pam_gssapi_services = sudo, sudo-i\n" @@ -2350,22 +2357,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1939 sssd.conf.5.xml:3913 +#: sssd.conf.5.xml:1942 sssd.conf.5.xml:3916 msgid "Example: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1945 +#: sssd.conf.5.xml:1948 msgid "Default: - (GSSAPI authentication is disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1950 sssd.conf.5.xml:4351 +#: sssd.conf.5.xml:1953 sssd.conf.5.xml:4354 msgid "pam_gssapi_check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1953 +#: sssd.conf.5.xml:1956 msgid "" "If True, SSSD will require that the Kerberos user principal that " "successfully authenticated through GSSAPI can be associated with the user " @@ -2373,19 +2380,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1960 +#: sssd.conf.5.xml:1963 msgid "" "If False, every user that is able to obtained required service ticket will " "be authenticated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1975 +#: sssd.conf.5.xml:1978 msgid "pam_gssapi_indicators_map" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1978 +#: sssd.conf.5.xml:1981 msgid "" "Comma separated list of authentication indicators required to be present in " "a Kerberos ticket to access a PAM service that is allowed to try GSSAPI " @@ -2393,7 +2400,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1984 +#: sssd.conf.5.xml:1987 msgid "" "Each element of the list can be either an authentication indicator name or a " "pair <quote>service:indicator</quote>. Indicators not prefixed with the PAM " @@ -2408,7 +2415,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1997 +#: sssd.conf.5.xml:2000 msgid "" "To disable GSSAPI authentication indicator check, set this option to <quote>-" "</quote> (dash). To disable the check for a specific PAM service, add " @@ -2416,45 +2423,45 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2008 +#: sssd.conf.5.xml:2011 msgid "" "Following authentication indicators are supported by IPA Kerberos " "deployments:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2011 +#: sssd.conf.5.xml:2014 msgid "" "pkinit -- pre-authentication using X.509 certificates -- whether stored in " "files or on smart cards." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2014 +#: sssd.conf.5.xml:2017 msgid "" "hardened -- SPAKE pre-authentication or any pre-authentication wrapped in a " "FAST channel." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2017 +#: sssd.conf.5.xml:2020 msgid "radius -- pre-authentication with the help of a RADIUS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2020 +#: sssd.conf.5.xml:2023 msgid "" "otp -- pre-authentication using integrated two-factor authentication (2FA or " "one-time password, OTP) in IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2023 +#: sssd.conf.5.xml:2026 msgid "idp -- pre-authentication using external identity provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:2033 +#: sssd.conf.5.xml:2036 #, no-wrap msgid "" "pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit\n" @@ -2462,7 +2469,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2028 +#: sssd.conf.5.xml:2031 msgid "" "Example: to require access to SUDO services only for users which obtained " "their Kerberos tickets with a X.509 certificate pre-authentication (PKINIT), " @@ -2470,17 +2477,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2037 +#: sssd.conf.5.xml:2040 msgid "Default: not set (use of authentication indicators is not required)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2045 +#: sssd.conf.5.xml:2048 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2047 +#: sssd.conf.5.xml:2050 msgid "" "These options can be used to configure the sudo service. The detailed " "instructions for configuration of <citerefentry> <refentrytitle>sudo</" @@ -2491,24 +2498,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2064 +#: sssd.conf.5.xml:2067 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2067 +#: sssd.conf.5.xml:2070 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2079 +#: sssd.conf.5.xml:2082 msgid "sudo_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2082 +#: sssd.conf.5.xml:2085 msgid "" "Maximum number of expired rules that can be refreshed at once. If number of " "expired rules is below threshold, those rules are refreshed with " @@ -2518,22 +2525,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2101 +#: sssd.conf.5.xml:2104 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2103 +#: sssd.conf.5.xml:2106 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2107 +#: sssd.conf.5.xml:2110 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2110 +#: sssd.conf.5.xml:2113 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -2541,51 +2548,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2126 +#: sssd.conf.5.xml:2129 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2128 +#: sssd.conf.5.xml:2131 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2132 +#: sssd.conf.5.xml:2135 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2135 +#: sssd.conf.5.xml:2138 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2144 +#: sssd.conf.5.xml:2147 msgid "ssh_known_hosts_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2147 +#: sssd.conf.5.xml:2150 msgid "" "How many seconds to keep a host in the managed known_hosts file after its " "host keys were requested." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2151 +#: sssd.conf.5.xml:2154 msgid "Default: 180" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2156 +#: sssd.conf.5.xml:2159 msgid "ssh_use_certificate_keys (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2159 +#: sssd.conf.5.xml:2162 msgid "" "If set to true the <command>sss_ssh_authorizedkeys</command> will return ssh " "keys derived from the public key of X.509 certificates stored in the user " @@ -2594,12 +2601,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2174 +#: sssd.conf.5.xml:2177 msgid "ssh_use_certificate_matching_rules (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2177 +#: sssd.conf.5.xml:2180 msgid "" "By default the ssh responder will use all available certificate matching " "rules to filter the certificates so that ssh keys are only derived from the " @@ -2609,7 +2616,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2186 +#: sssd.conf.5.xml:2189 msgid "" "There are two special key words 'all_rules' and 'no_rules' which will enable " "all or no rules, respectively. The latter means that no certificates will be " @@ -2617,7 +2624,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2193 +#: sssd.conf.5.xml:2196 msgid "" "If no rules are configured using 'all_rules' will enable a default rule " "which enables all certificates suitable for client authentication. This is " @@ -2626,38 +2633,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2200 +#: sssd.conf.5.xml:2203 msgid "" "A non-existing rule name is considered an error. If as a result no rule is " "selected all certificates will be ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2205 +#: sssd.conf.5.xml:2208 msgid "" "Default: not set, equivalent to 'all_rules', all found rules or the default " "rule are used" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2211 +#: sssd.conf.5.xml:2214 msgid "ca_db (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2214 +#: sssd.conf.5.xml:2217 msgid "" "Path to a storage of trusted CA certificates. The option is used to validate " "user certificates before deriving public ssh keys from them." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2234 +#: sssd.conf.5.xml:2237 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2236 +#: sssd.conf.5.xml:2239 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -2668,7 +2675,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2245 +#: sssd.conf.5.xml:2248 msgid "" "If the remote user does not exist in the cache, it is created. The UID is " "determined with the help of the SID, trusted domains will have UPGs and the " @@ -2679,24 +2686,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:2253 +#: sssd.conf.5.xml:2256 msgid "" "If there are SIDs of groups from domains sssd knows about, the user will be " "added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2259 +#: sssd.conf.5.xml:2262 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2263 sssd-ifp.5.xml:66 +#: sssd.conf.5.xml:2266 sssd-ifp.5.xml:66 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2266 +#: sssd.conf.5.xml:2269 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -2704,19 +2711,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2272 +#: sssd.conf.5.xml:2275 msgid "" "Default: 0, &sssd_user_name; (only root and SSSD service users are allowed " "to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2276 +#: sssd.conf.5.xml:2279 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2280 +#: sssd.conf.5.xml:2283 msgid "" "Please note that defaults will be overwritten with this option. If you still " "want to allow the root and/or '&sssd_user_name;' user to access the PAC " @@ -2725,7 +2732,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2287 +#: sssd.conf.5.xml:2290 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -2734,24 +2741,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2296 +#: sssd.conf.5.xml:2299 msgid "pac_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2299 +#: sssd.conf.5.xml:2302 msgid "" "Lifetime of the PAC entry in seconds. As long as the PAC is valid the PAC " "data can be used to determine the group memberships of a user." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2309 +#: sssd.conf.5.xml:2312 msgid "pac_check (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2312 +#: sssd.conf.5.xml:2315 msgid "" "Apply additional checks on the PAC of the Kerberos ticket which is available " "in Active Directory and FreeIPA domains, if configured. Please note that " @@ -2762,24 +2769,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2326 +#: sssd.conf.5.xml:2329 msgid "no_check" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2328 +#: sssd.conf.5.xml:2331 msgid "" "The PAC must not be present and even if it is present no additional checks " "will be done." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2334 +#: sssd.conf.5.xml:2337 msgid "pac_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2336 +#: sssd.conf.5.xml:2339 msgid "" "The PAC must be present in the service ticket which SSSD will request with " "the help of the user's TGT. If the PAC is not available the authentication " @@ -2787,24 +2794,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2344 +#: sssd.conf.5.xml:2347 msgid "check_upn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2346 +#: sssd.conf.5.xml:2349 msgid "" "If the PAC is present check if the user principal name (UPN) information is " "consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2352 +#: sssd.conf.5.xml:2355 msgid "check_upn_allow_missing" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2354 +#: sssd.conf.5.xml:2357 msgid "" "This option should be used together with 'check_upn' and handles the case " "where a UPN is set on the server-side but is not read by SSSD. The typical " @@ -2816,7 +2823,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2366 +#: sssd.conf.5.xml:2369 msgid "" "Currently this option is set by default to avoid regressions in such " "environments. A log message will be added to the system log and SSSD's debug " @@ -2827,60 +2834,60 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2380 +#: sssd.conf.5.xml:2383 msgid "upn_dns_info_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2382 +#: sssd.conf.5.xml:2385 msgid "The PAC must contain the UPN-DNS-INFO buffer, implies 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2387 +#: sssd.conf.5.xml:2390 msgid "check_upn_dns_info_ex" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2389 +#: sssd.conf.5.xml:2392 msgid "" "If the PAC is present and the extension to the UPN-DNS-INFO buffer is " "available check if the information in the extension is consistent." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2396 +#: sssd.conf.5.xml:2399 msgid "upn_dns_info_ex_present" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2398 +#: sssd.conf.5.xml:2401 msgid "" "The PAC must contain the extension of the UPN-DNS-INFO buffer, implies " "'check_upn_dns_info_ex', 'upn_dns_info_present' and 'check_upn'." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2322 +#: sssd.conf.5.xml:2325 msgid "" "The following options can be used alone or in a comma-separated list: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2408 +#: sssd.conf.5.xml:2411 msgid "" "Default: no_check (AD and IPA provider 'check_upn, check_upn_allow_missing, " "check_upn_dns_info_ex')" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:2417 +#: sssd.conf.5.xml:2420 msgid "Session recording configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2419 +#: sssd.conf.5.xml:2422 msgid "" "Session recording works in conjunction with <citerefentry> " "<refentrytitle>tlog-rec-session</refentrytitle> <manvolnum>8</manvolnum> </" @@ -2890,66 +2897,66 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:2432 +#: sssd.conf.5.xml:2435 msgid "These options can be used to configure session recording." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2436 sssd-session-recording.5.xml:64 +#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:64 msgid "scope (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2443 sssd-session-recording.5.xml:71 +#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:71 msgid "\"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2446 sssd-session-recording.5.xml:74 +#: sssd.conf.5.xml:2449 sssd-session-recording.5.xml:74 msgid "No users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2451 sssd-session-recording.5.xml:79 +#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:79 msgid "\"some\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2454 sssd-session-recording.5.xml:82 +#: sssd.conf.5.xml:2457 sssd-session-recording.5.xml:82 msgid "" "Users/groups specified by <replaceable>users</replaceable> and " "<replaceable>groups</replaceable> options are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2463 sssd-session-recording.5.xml:91 +#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:91 msgid "\"all\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2466 sssd-session-recording.5.xml:94 +#: sssd.conf.5.xml:2469 sssd-session-recording.5.xml:94 msgid "All users are recorded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2439 sssd-session-recording.5.xml:67 +#: sssd.conf.5.xml:2442 sssd-session-recording.5.xml:67 msgid "" "One of the following strings specifying the scope of session recording: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2473 sssd-session-recording.5.xml:101 +#: sssd.conf.5.xml:2476 sssd-session-recording.5.xml:101 msgid "Default: \"none\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2478 sssd-session-recording.5.xml:106 +#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:106 msgid "users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2481 sssd-session-recording.5.xml:109 +#: sssd.conf.5.xml:2484 sssd-session-recording.5.xml:109 msgid "" "A comma-separated list of users which should have session recording enabled. " "Matches user names as returned by NSS. I.e. after the possible space " @@ -2957,17 +2964,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2487 sssd-session-recording.5.xml:115 +#: sssd.conf.5.xml:2490 sssd-session-recording.5.xml:115 msgid "Default: Empty. Matches no users." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2492 sssd-session-recording.5.xml:120 +#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:120 msgid "groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2495 sssd-session-recording.5.xml:123 +#: sssd.conf.5.xml:2498 sssd-session-recording.5.xml:123 msgid "" "A comma-separated list of groups, members of which should have session " "recording enabled. Matches group names as returned by NSS. I.e. after the " @@ -2975,7 +2982,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2501 sssd.conf.5.xml:2533 sssd-session-recording.5.xml:129 +#: sssd.conf.5.xml:2504 sssd.conf.5.xml:2536 sssd-session-recording.5.xml:129 #: sssd-session-recording.5.xml:161 msgid "" "NOTE: using this option (having it set to anything) has a considerable " @@ -2984,57 +2991,57 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2508 sssd-session-recording.5.xml:136 +#: sssd.conf.5.xml:2511 sssd-session-recording.5.xml:136 msgid "Default: Empty. Matches no groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2513 sssd-session-recording.5.xml:141 +#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:141 msgid "exclude_users (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2516 sssd-session-recording.5.xml:144 +#: sssd.conf.5.xml:2519 sssd-session-recording.5.xml:144 msgid "" "A comma-separated list of users to be excluded from recording, only " "applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2520 sssd-session-recording.5.xml:148 +#: sssd.conf.5.xml:2523 sssd-session-recording.5.xml:148 msgid "Default: Empty. No users excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2525 sssd-session-recording.5.xml:153 +#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:153 msgid "exclude_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2528 sssd-session-recording.5.xml:156 +#: sssd.conf.5.xml:2531 sssd-session-recording.5.xml:156 msgid "" "A comma-separated list of groups, members of which should be excluded from " "recording. Only applicable with 'scope=all'." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2540 sssd-session-recording.5.xml:168 +#: sssd.conf.5.xml:2543 sssd-session-recording.5.xml:168 msgid "Default: Empty. No groups excluded." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:2550 +#: sssd.conf.5.xml:2553 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:2557 sssd.conf.5.xml:4041 sssd.conf.5.xml:4042 -#: sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:2560 sssd.conf.5.xml:4044 sssd.conf.5.xml:4045 +#: sssd.conf.5.xml:4048 msgid "enabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2560 +#: sssd.conf.5.xml:2563 msgid "" "Explicitly enable or disable the domain. If <quote>true</quote>, the domain " "is always <quote>enabled</quote>. If <quote>false</quote>, the domain is " @@ -3044,12 +3051,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2572 +#: sssd.conf.5.xml:2575 msgid "domain_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2575 +#: sssd.conf.5.xml:2578 msgid "" "Specifies whether the domain is meant to be used by POSIX-aware clients such " "as the Name Service Switch or by applications that do not need POSIX data to " @@ -3058,14 +3065,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2583 +#: sssd.conf.5.xml:2586 msgid "" "Allowed values for this option are <quote>posix</quote> and " "<quote>application</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2587 +#: sssd.conf.5.xml:2590 msgid "" "POSIX domains are reachable by all services. Application domains are only " "reachable from the InfoPipe responder (see <citerefentry> " @@ -3074,38 +3081,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2595 +#: sssd.conf.5.xml:2598 msgid "" "NOTE: The application domains are currently well tested with " "<quote>id_provider=ldap</quote> only." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2599 +#: sssd.conf.5.xml:2602 msgid "" "For an easy way to configure a non-POSIX domains, please see the " "<quote>Application domains</quote> section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2603 +#: sssd.conf.5.xml:2606 msgid "Default: posix" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2609 +#: sssd.conf.5.xml:2612 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2612 +#: sssd.conf.5.xml:2615 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2617 +#: sssd.conf.5.xml:2620 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For non-" @@ -3114,24 +3121,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2624 +#: sssd.conf.5.xml:2627 msgid "" "These ID limits affect even saving entries to cache, not only returning them " "by name or ID." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2628 +#: sssd.conf.5.xml:2631 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2634 +#: sssd.conf.5.xml:2637 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2637 +#: sssd.conf.5.xml:2640 msgid "" "Determines if a domain can be enumerated, that is, whether the domain can " "list all the users and group it contains. Note that it is not required to " @@ -3140,36 +3147,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2645 +#: sssd.conf.5.xml:2648 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2648 +#: sssd.conf.5.xml:2651 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2651 sssd.conf.5.xml:2942 sssd.conf.5.xml:3119 +#: sssd.conf.5.xml:2654 sssd.conf.5.xml:2945 sssd.conf.5.xml:3122 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2654 +#: sssd.conf.5.xml:2657 msgid "" "Enumerating a domain requires SSSD to download and store ALL user and group " "entries from the remote server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2659 +#: sssd.conf.5.xml:2662 msgid "" "Feature is only supported for domains with id_provider = ldap or id_provider " "= proxy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2663 +#: sssd.conf.5.xml:2666 msgid "" "Note: Enabling enumeration has a severe performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -3183,14 +3190,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2678 +#: sssd.conf.5.xml:2681 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2683 +#: sssd.conf.5.xml:2686 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -3199,14 +3206,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2691 +#: sssd.conf.5.xml:2694 msgid "" "For the reasons cited above, enabling enumeration is not recommended, " "especially in large environments." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2696 +#: sssd.conf.5.xml:2699 msgid "" "Note: the proxy provider is tested with open source modules like " "'libnss_files' and 'libnss_ldap'. 3rd party modules must follow the " @@ -3214,32 +3221,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2705 +#: sssd.conf.5.xml:2708 msgid "subdomain_enumerate (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2712 +#: sssd.conf.5.xml:2715 msgid "all" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2713 +#: sssd.conf.5.xml:2716 msgid "All discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2716 +#: sssd.conf.5.xml:2719 msgid "none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2717 +#: sssd.conf.5.xml:2720 msgid "No discovered trusted domains will be enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2708 +#: sssd.conf.5.xml:2711 msgid "" "Whether any of autodetected trusted domains should be enumerated. The " "supported values are: <placeholder type=\"variablelist\" id=\"0\"/> " @@ -3248,19 +3255,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2731 +#: sssd.conf.5.xml:2734 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2734 +#: sssd.conf.5.xml:2737 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2738 +#: sssd.conf.5.xml:2741 msgid "" "The cache expiration timestamps are stored as attributes of individual " "objects in the cache. Therefore, changing the cache timeout only has effect " @@ -3271,139 +3278,139 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2751 +#: sssd.conf.5.xml:2754 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2757 +#: sssd.conf.5.xml:2760 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2760 +#: sssd.conf.5.xml:2763 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2764 sssd.conf.5.xml:2777 sssd.conf.5.xml:2790 -#: sssd.conf.5.xml:2803 sssd.conf.5.xml:2817 sssd.conf.5.xml:2830 -#: sssd.conf.5.xml:2844 sssd.conf.5.xml:2858 sssd.conf.5.xml:2871 +#: sssd.conf.5.xml:2767 sssd.conf.5.xml:2780 sssd.conf.5.xml:2793 +#: sssd.conf.5.xml:2806 sssd.conf.5.xml:2820 sssd.conf.5.xml:2833 +#: sssd.conf.5.xml:2847 sssd.conf.5.xml:2861 sssd.conf.5.xml:2874 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2770 +#: sssd.conf.5.xml:2773 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2773 +#: sssd.conf.5.xml:2776 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2783 +#: sssd.conf.5.xml:2786 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2786 +#: sssd.conf.5.xml:2789 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2796 +#: sssd.conf.5.xml:2799 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2799 +#: sssd.conf.5.xml:2802 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2809 +#: sssd.conf.5.xml:2812 msgid "entry_cache_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2812 +#: sssd.conf.5.xml:2815 msgid "" "How many seconds should nss_sss consider hosts and networks entries valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2823 +#: sssd.conf.5.xml:2826 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2826 +#: sssd.conf.5.xml:2829 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2836 +#: sssd.conf.5.xml:2839 msgid "entry_cache_autofs_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2839 +#: sssd.conf.5.xml:2842 msgid "" "How many seconds should the autofs service consider automounter maps valid " "before asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2850 +#: sssd.conf.5.xml:2853 msgid "entry_cache_ssh_host_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2853 +#: sssd.conf.5.xml:2856 msgid "" "How many seconds to keep a host ssh key after refresh. IE how long to cache " "the host key for." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2864 +#: sssd.conf.5.xml:2867 msgid "entry_cache_computer_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2867 +#: sssd.conf.5.xml:2870 msgid "" "How many seconds to keep the local computer entry before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2877 +#: sssd.conf.5.xml:2880 msgid "refresh_expired_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2880 +#: sssd.conf.5.xml:2883 msgid "" "Specifies how many seconds SSSD has to wait before triggering a background " "refresh task which will refresh all expired or nearly expired records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2885 +#: sssd.conf.5.xml:2888 msgid "" "The background refresh will process users, groups and netgroups in the " "cache. For users who have performed the initgroups (get group membership for " @@ -3412,17 +3419,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2893 +#: sssd.conf.5.xml:2896 msgid "This option is automatically inherited for all trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2897 +#: sssd.conf.5.xml:2900 msgid "You can consider setting this value to 3/4 * entry_cache_timeout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2901 +#: sssd.conf.5.xml:2904 msgid "" "Cache entry will be refreshed by background task when 2/3 of cache timeout " "has already passed. If there are existing cached entries, the background " @@ -3434,18 +3441,18 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2914 sssd-ldap.5.xml:361 sssd-ldap.5.xml:1774 +#: sssd.conf.5.xml:2917 sssd-ldap.5.xml:372 sssd-ldap.5.xml:1785 #: sssd-ipa.5.xml:270 msgid "Default: 0 (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2920 +#: sssd.conf.5.xml:2923 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2923 +#: sssd.conf.5.xml:2926 msgid "" "Determines if user credentials are also cached in the local LDB cache. The " "cached credentials refer to passwords, which includes the first (long term) " @@ -3456,7 +3463,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2934 +#: sssd.conf.5.xml:2937 msgid "" "Take a note that while credentials are stored as a salted SHA512 hash, this " "still potentially poses some security risk in case an attacker manages to " @@ -3465,12 +3472,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2948 +#: sssd.conf.5.xml:2951 msgid "cache_credentials_minimal_first_factor_length (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2951 +#: sssd.conf.5.xml:2954 msgid "" "If 2-Factor-Authentication (2FA) is used and credentials should be saved " "this value determines the minimal length the first authentication factor " @@ -3478,19 +3485,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2958 +#: sssd.conf.5.xml:2961 msgid "" "This should avoid that the short PINs of a PIN based 2FA scheme are saved in " "the cache which would make them easy targets for brute-force attacks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2969 +#: sssd.conf.5.xml:2972 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2972 +#: sssd.conf.5.xml:2975 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -3499,17 +3506,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2979 +#: sssd.conf.5.xml:2982 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:2984 +#: sssd.conf.5.xml:2987 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:2995 +#: sssd.conf.5.xml:2998 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -3518,28 +3525,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3002 +#: sssd.conf.5.xml:3005 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3008 +#: sssd.conf.5.xml:3011 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3011 +#: sssd.conf.5.xml:3014 msgid "" "The identification provider used for the domain. Supported ID providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3015 +#: sssd.conf.5.xml:3018 msgid "<quote>proxy</quote>: Support a legacy NSS provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3018 +#: sssd.conf.5.xml:3021 msgid "" "<quote>files</quote>: FILES provider. See <citerefentry> <refentrytitle>sssd-" "files</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3547,7 +3554,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3026 +#: sssd.conf.5.xml:3029 msgid "" "<quote>ldap</quote>: LDAP provider. See <citerefentry> <refentrytitle>sssd-" "ldap</refentrytitle> <manvolnum>5</manvolnum> </citerefentry> for more " @@ -3555,8 +3562,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3034 sssd.conf.5.xml:3145 sssd.conf.5.xml:3196 -#: sssd.conf.5.xml:3259 +#: sssd.conf.5.xml:3037 sssd.conf.5.xml:3148 sssd.conf.5.xml:3199 +#: sssd.conf.5.xml:3262 msgid "" "<quote>ipa</quote>: FreeIPA and Red Hat Identity Management provider. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3564,8 +3571,8 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3043 sssd.conf.5.xml:3154 sssd.conf.5.xml:3205 -#: sssd.conf.5.xml:3268 +#: sssd.conf.5.xml:3046 sssd.conf.5.xml:3157 sssd.conf.5.xml:3208 +#: sssd.conf.5.xml:3271 msgid "" "<quote>ad</quote>: Active Directory provider. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3573,19 +3580,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3054 +#: sssd.conf.5.xml:3057 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3057 +#: sssd.conf.5.xml:3060 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3062 +#: sssd.conf.5.xml:3065 msgid "" "If set to TRUE, all requests to this domain must use fully qualified names. " "For example, if used in LOCAL domain that contains a \"test\" user, " @@ -3594,7 +3601,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3070 +#: sssd.conf.5.xml:3073 msgid "" "NOTE: This option has no effect on netgroup lookups due to their tendency to " "include nested netgroups without qualified names. For netgroups, all domains " @@ -3602,24 +3609,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3077 +#: sssd.conf.5.xml:3080 msgid "" "Default: FALSE (TRUE for trusted domain/sub-domains or if " "default_domain_suffix is used)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3084 +#: sssd.conf.5.xml:3087 msgid "ignore_group_members (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3087 +#: sssd.conf.5.xml:3090 msgid "Do not return group members for group lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3090 +#: sssd.conf.5.xml:3093 msgid "" "If set to TRUE, the group membership attribute is not requested from the " "ldap server, and group members are not returned when processing group lookup " @@ -3631,7 +3638,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3108 +#: sssd.conf.5.xml:3111 msgid "" "Enabling this option can also make access provider checks for group " "membership significantly faster, especially for groups containing many " @@ -3639,30 +3646,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3114 sssd.conf.5.xml:3835 sssd-ldap.5.xml:327 -#: sssd-ldap.5.xml:356 sssd-ldap.5.xml:409 sssd-ldap.5.xml:469 -#: sssd-ldap.5.xml:490 sssd-ldap.5.xml:521 sssd-ldap.5.xml:544 -#: sssd-ldap.5.xml:583 sssd-ldap.5.xml:602 sssd-ldap.5.xml:626 -#: sssd-ldap.5.xml:1054 sssd-ldap.5.xml:1087 +#: sssd.conf.5.xml:3117 sssd.conf.5.xml:3838 sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:367 sssd-ldap.5.xml:420 sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:501 sssd-ldap.5.xml:532 sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:594 sssd-ldap.5.xml:613 sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:1065 sssd-ldap.5.xml:1098 msgid "" "This option can be also set per subdomain or inherited via " "<emphasis>subdomain_inherit</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3124 +#: sssd.conf.5.xml:3127 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3127 +#: sssd.conf.5.xml:3130 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3131 sssd.conf.5.xml:3189 +#: sssd.conf.5.xml:3134 sssd.conf.5.xml:3192 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3670,7 +3677,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3138 +#: sssd.conf.5.xml:3141 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3678,30 +3685,30 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3162 +#: sssd.conf.5.xml:3165 msgid "" "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3165 +#: sssd.conf.5.xml:3168 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3168 +#: sssd.conf.5.xml:3171 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3174 +#: sssd.conf.5.xml:3177 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3177 +#: sssd.conf.5.xml:3180 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -3709,19 +3716,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3183 +#: sssd.conf.5.xml:3186 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3186 +#: sssd.conf.5.xml:3189 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3213 +#: sssd.conf.5.xml:3216 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> <manvolnum>5</" @@ -3730,7 +3737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3220 +#: sssd.conf.5.xml:3223 msgid "" "<quote>krb5</quote>: .k5login based access control. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum></" @@ -3738,29 +3745,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3227 +#: sssd.conf.5.xml:3230 msgid "<quote>proxy</quote> for relaying access control to another PAM module." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3230 +#: sssd.conf.5.xml:3233 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3235 +#: sssd.conf.5.xml:3238 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3238 +#: sssd.conf.5.xml:3241 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3243 +#: sssd.conf.5.xml:3246 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -3768,7 +3775,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3251 +#: sssd.conf.5.xml:3254 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3776,35 +3783,35 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3276 +#: sssd.conf.5.xml:3279 msgid "" "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3280 +#: sssd.conf.5.xml:3283 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3283 +#: sssd.conf.5.xml:3286 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3290 +#: sssd.conf.5.xml:3293 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3293 +#: sssd.conf.5.xml:3296 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3297 +#: sssd.conf.5.xml:3300 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3812,32 +3819,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3305 +#: sssd.conf.5.xml:3308 msgid "" "<quote>ipa</quote> the same as <quote>ldap</quote> but with IPA default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3309 +#: sssd.conf.5.xml:3312 msgid "" "<quote>ad</quote> the same as <quote>ldap</quote> but with AD default " "settings." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3313 +#: sssd.conf.5.xml:3316 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3316 sssd.conf.5.xml:3402 sssd.conf.5.xml:3467 -#: sssd.conf.5.xml:3492 sssd.conf.5.xml:3528 +#: sssd.conf.5.xml:3319 sssd.conf.5.xml:3405 sssd.conf.5.xml:3470 +#: sssd.conf.5.xml:3495 sssd.conf.5.xml:3531 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3320 +#: sssd.conf.5.xml:3323 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -3848,7 +3855,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3335 +#: sssd.conf.5.xml:3338 msgid "" "<emphasis>NOTE:</emphasis> Sudo rules are periodically downloaded in the " "background unless the sudo provider is explicitly disabled. Set " @@ -3857,12 +3864,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3345 +#: sssd.conf.5.xml:3348 msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3348 +#: sssd.conf.5.xml:3351 msgid "" "The provider which should handle loading of selinux settings. Note that this " "provider will be called right after access provider ends. Supported selinux " @@ -3870,7 +3877,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3354 +#: sssd.conf.5.xml:3357 msgid "" "<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3878,31 +3885,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3362 +#: sssd.conf.5.xml:3365 msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3365 +#: sssd.conf.5.xml:3368 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3371 +#: sssd.conf.5.xml:3374 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3374 +#: sssd.conf.5.xml:3377 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3380 +#: sssd.conf.5.xml:3383 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -3910,7 +3917,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3389 +#: sssd.conf.5.xml:3392 msgid "" "<quote>ad</quote> to load a list of subdomains from an Active Directory " "server. See <citerefentry> <refentrytitle>sssd-ad</refentrytitle> " @@ -3919,17 +3926,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3398 +#: sssd.conf.5.xml:3401 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3408 +#: sssd.conf.5.xml:3411 msgid "session_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3411 +#: sssd.conf.5.xml:3414 msgid "" "The provider which configures and manages user session related tasks. The " "only user session task currently provided is the integration with Fleet " @@ -3937,36 +3944,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3418 +#: sssd.conf.5.xml:3421 msgid "<quote>ipa</quote> to allow performing user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3422 +#: sssd.conf.5.xml:3425 msgid "" "<quote>none</quote> does not perform any kind of user session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3426 +#: sssd.conf.5.xml:3429 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can perform " "session related tasks." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3433 +#: sssd.conf.5.xml:3436 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3436 +#: sssd.conf.5.xml:3439 msgid "" "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3440 +#: sssd.conf.5.xml:3443 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3974,7 +3981,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3447 +#: sssd.conf.5.xml:3450 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3982,7 +3989,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3455 +#: sssd.conf.5.xml:3458 msgid "" "<quote>ad</quote> to load maps stored in an AD server. See <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> </" @@ -3990,24 +3997,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3464 +#: sssd.conf.5.xml:3467 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3474 +#: sssd.conf.5.xml:3477 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3477 +#: sssd.conf.5.xml:3480 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3481 +#: sssd.conf.5.xml:3484 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</" @@ -4015,31 +4022,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3489 +#: sssd.conf.5.xml:3492 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3499 +#: sssd.conf.5.xml:3502 msgid "resolver_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3502 +#: sssd.conf.5.xml:3505 msgid "" "The provider which should handle hosts and networks lookups. Supported " "resolver providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3506 +#: sssd.conf.5.xml:3509 msgid "" "<quote>proxy</quote> to forward lookups to another NSS library. See " "<quote>proxy_resolver_lib_name</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3510 +#: sssd.conf.5.xml:3513 msgid "" "<quote>ldap</quote> to fetch hosts and networks stored in LDAP. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</" @@ -4047,7 +4054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3517 +#: sssd.conf.5.xml:3520 msgid "" "<quote>ad</quote> to fetch hosts and networks stored in AD. See " "<citerefentry> <refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</" @@ -4056,12 +4063,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3525 +#: sssd.conf.5.xml:3528 msgid "<quote>none</quote> disallows fetching hosts and networks explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3538 +#: sssd.conf.5.xml:3541 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components. The \"domain\" can " @@ -4071,24 +4078,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3547 +#: sssd.conf.5.xml:3550 msgid "" "Default: <quote>^((?P<name>.+)@(?P<domain>[^@]*)|(?P<name>" "[^@]+))$</quote> which allows two different styles for user names:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3552 sssd.conf.5.xml:3566 +#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 msgid "username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3555 sssd.conf.5.xml:3569 +#: sssd.conf.5.xml:3558 sssd.conf.5.xml:3572 msgid "username@domain.name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3560 +#: sssd.conf.5.xml:3563 msgid "" "Default for the AD and IPA provider: <quote>^(((?P<domain>[^\\\\]+)\\" "\\(?P<name>.+))|((?P<name>.+)@(?P<domain>[^@]+))|((?P<" @@ -4097,19 +4104,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:3572 +#: sssd.conf.5.xml:3575 msgid "domain\\username" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3575 +#: sssd.conf.5.xml:3578 msgid "" "While the first two correspond to the general default the third one is " "introduced to allow easy integration of users from Windows domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3580 +#: sssd.conf.5.xml:3583 msgid "" "The default re_expression uses the <quote>@</quote> character as a separator " "between the name and the domain. As a result of this setting the default " @@ -4119,89 +4126,89 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3632 +#: sssd.conf.5.xml:3635 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3638 +#: sssd.conf.5.xml:3641 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3641 +#: sssd.conf.5.xml:3644 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3645 +#: sssd.conf.5.xml:3648 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3648 +#: sssd.conf.5.xml:3651 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3651 +#: sssd.conf.5.xml:3654 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3654 +#: sssd.conf.5.xml:3657 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3657 +#: sssd.conf.5.xml:3660 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3660 +#: sssd.conf.5.xml:3663 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3666 +#: sssd.conf.5.xml:3669 msgid "dns_resolver_server_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3669 +#: sssd.conf.5.xml:3672 msgid "" "Defines the amount of time (in milliseconds) SSSD would try to talk to DNS " "server before trying next DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3674 +#: sssd.conf.5.xml:3677 msgid "" "The AD provider will use this option for the CLDAP ping timeouts as well." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3678 sssd.conf.5.xml:3698 sssd.conf.5.xml:3719 +#: sssd.conf.5.xml:3681 sssd.conf.5.xml:3701 sssd.conf.5.xml:3722 msgid "" "Please see the section <quote>FAILOVER</quote> for more information about " "the service resolution." msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3683 sssd-ldap.5.xml:645 include/failover.xml:84 +#: sssd.conf.5.xml:3686 sssd-ldap.5.xml:656 include/failover.xml:84 msgid "Default: 1000" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3689 +#: sssd.conf.5.xml:3692 msgid "dns_resolver_op_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3692 +#: sssd.conf.5.xml:3695 msgid "" "Defines the amount of time (in seconds) to wait to resolve single DNS query " "(e.g. resolution of a hostname or an SRV record) before trying the next " @@ -4209,17 +4216,17 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3703 include/failover.xml:100 +#: sssd.conf.5.xml:3706 include/failover.xml:100 msgid "Default: 3" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3709 +#: sssd.conf.5.xml:3712 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3712 +#: sssd.conf.5.xml:3715 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the " "internal fail over service before assuming that the service is unreachable. " @@ -4228,12 +4235,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3730 +#: sssd.conf.5.xml:3733 msgid "dns_resolver_use_search_list (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3733 +#: sssd.conf.5.xml:3736 msgid "" "Normally, the DNS resolver searches the domain list defined in the " "\"search\" directive from the resolv.conf file. This can lead to delays in " @@ -4241,7 +4248,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3739 +#: sssd.conf.5.xml:3742 msgid "" "If fully qualified domain names (or _srv_) are used in the SSSD " "configuration, setting this option to FALSE can prevent unnecessary DNS " @@ -4249,36 +4256,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3745 +#: sssd.conf.5.xml:3748 #, fuzzy #| msgid "Default: 3" msgid "Default: TRUE" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3751 +#: sssd.conf.5.xml:3754 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3754 +#: sssd.conf.5.xml:3757 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3758 +#: sssd.conf.5.xml:3761 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3764 +#: sssd.conf.5.xml:3767 msgid "failover_primary_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3767 +#: sssd.conf.5.xml:3770 msgid "" "When no primary server is available, SSSD fails over to a backup server. " "This option defines the number of seconds SSSD waits before attempting to " @@ -4286,59 +4293,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3774 +#: sssd.conf.5.xml:3777 msgid "Note: The minimum value is 31." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3777 +#: sssd.conf.5.xml:3780 #, fuzzy #| msgid "Default: 3" msgid "Default: 31" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3783 +#: sssd.conf.5.xml:3786 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3786 +#: sssd.conf.5.xml:3789 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3792 +#: sssd.conf.5.xml:3795 msgid "case_sensitive (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3799 +#: sssd.conf.5.xml:3802 msgid "True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3802 +#: sssd.conf.5.xml:3805 msgid "Case sensitive. This value is invalid for AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3808 +#: sssd.conf.5.xml:3811 msgid "False" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3810 +#: sssd.conf.5.xml:3813 msgid "Case insensitive." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3814 +#: sssd.conf.5.xml:3817 msgid "Preserving" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3817 +#: sssd.conf.5.xml:3820 msgid "" "Same as False (case insensitive), but does not lowercase names in the result " "of NSS operations. Note that name aliases (and in case of services also " @@ -4346,31 +4353,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3825 +#: sssd.conf.5.xml:3828 msgid "" "If you want to set this value for trusted domain with IPA provider, you need " "to set it on both the client and SSSD on the server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3795 +#: sssd.conf.5.xml:3798 msgid "" "Treat user and group names as case sensitive. Possible option values are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3840 +#: sssd.conf.5.xml:3843 msgid "Default: True (False for AD provider)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3846 +#: sssd.conf.5.xml:3849 msgid "subdomain_inherit (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3849 +#: sssd.conf.5.xml:3852 msgid "" "Specifies a list of configuration parameters that should be inherited by a " "subdomain. Please note that only selected parameters can be inherited. " @@ -4378,104 +4385,104 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3855 +#: sssd.conf.5.xml:3858 msgid "ldap_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3858 +#: sssd.conf.5.xml:3861 msgid "ldap_network_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3861 +#: sssd.conf.5.xml:3864 msgid "ldap_opt_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3864 +#: sssd.conf.5.xml:3867 msgid "ldap_offline_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3867 +#: sssd.conf.5.xml:3870 msgid "ldap_enumeration_refresh_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3870 +#: sssd.conf.5.xml:3873 msgid "ldap_enumeration_refresh_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3873 +#: sssd.conf.5.xml:3876 msgid "ldap_purge_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3876 +#: sssd.conf.5.xml:3879 msgid "ldap_purge_cache_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3879 +#: sssd.conf.5.xml:3882 msgid "" "ldap_krb5_keytab (the value of krb5_keytab will be used if ldap_krb5_keytab " "is not set explicitly)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3883 +#: sssd.conf.5.xml:3886 msgid "ldap_krb5_ticket_lifetime" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3886 +#: sssd.conf.5.xml:3889 msgid "ldap_enumeration_search_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3889 +#: sssd.conf.5.xml:3892 msgid "ldap_connection_expire_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3892 +#: sssd.conf.5.xml:3895 msgid "ldap_connection_expire_offset" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3895 +#: sssd.conf.5.xml:3898 msgid "ldap_connection_idle_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3898 sssd-ldap.5.xml:401 +#: sssd.conf.5.xml:3901 sssd-ldap.5.xml:412 msgid "ldap_use_tokengroups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3901 +#: sssd.conf.5.xml:3904 msgid "ldap_user_principal" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3904 +#: sssd.conf.5.xml:3907 msgid "ignore_group_members" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3907 +#: sssd.conf.5.xml:3910 msgid "auto_private_groups" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3910 +#: sssd.conf.5.xml:3913 msgid "case_sensitive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:3915 +#: sssd.conf.5.xml:3918 #, no-wrap msgid "" "subdomain_inherit = ldap_purge_cache_timeout\n" @@ -4483,27 +4490,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3922 +#: sssd.conf.5.xml:3925 msgid "Note: This option only works with the IPA and AD provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3929 +#: sssd.conf.5.xml:3932 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3940 +#: sssd.conf.5.xml:3943 msgid "%F" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3941 +#: sssd.conf.5.xml:3944 msgid "flat (NetBIOS) name of a subdomain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3932 +#: sssd.conf.5.xml:3935 msgid "" "Use this homedir as default value for all subdomains within this domain in " "IPA AD trust. See <emphasis>override_homedir</emphasis> for info about " @@ -4513,34 +4520,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3946 +#: sssd.conf.5.xml:3949 msgid "" "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3950 +#: sssd.conf.5.xml:3953 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3955 +#: sssd.conf.5.xml:3958 msgid "realmd_tags (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3958 +#: sssd.conf.5.xml:3961 msgid "" "Various tags stored by the realmd configuration service for this domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3964 +#: sssd.conf.5.xml:3967 msgid "cached_auth_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3967 +#: sssd.conf.5.xml:3970 msgid "" "Specifies time in seconds since last successful online authentication for " "which user will be authenticated using cached credentials while SSSD is in " @@ -4549,19 +4556,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3975 +#: sssd.conf.5.xml:3978 msgid "" "This option's value is inherited by all trusted domains. At the moment it is " "not possible to set a different value per trusted domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3980 +#: sssd.conf.5.xml:3983 msgid "Special value 0 implies that this feature is disabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3984 +#: sssd.conf.5.xml:3987 msgid "" "Please note that if <quote>cached_auth_timeout</quote> is longer than " "<quote>pam_id_timeout</quote> then the back end could be called to handle " @@ -4569,12 +4576,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:3995 +#: sssd.conf.5.xml:3998 msgid "local_auth_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:3998 +#: sssd.conf.5.xml:4001 msgid "" "Local authentication methods policy. Some backends (i.e. LDAP, proxy " "provider) only support a password based authentication, while others can " @@ -4586,7 +4593,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4010 +#: sssd.conf.5.xml:4013 msgid "" "There are three possible values for this option: match, only, enable. " "<quote>match</quote> is used to match offline and online states for Kerberos " @@ -4598,7 +4605,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4023 +#: sssd.conf.5.xml:4026 msgid "" "The following table shows which authentication methods, if configured " "properly, are currently enabled or disabled for each backend, with the " @@ -4606,42 +4613,42 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4036 +#: sssd.conf.5.xml:4039 msgid "local_auth_policy = match (default)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4037 +#: sssd.conf.5.xml:4040 msgid "Passkey" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><thead><row><entry> -#: sssd.conf.5.xml:4038 +#: sssd.conf.5.xml:4041 msgid "Smartcard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4041 sssd-ldap.5.xml:189 +#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:189 msgid "IPA" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4044 sssd-ldap.5.xml:194 +#: sssd.conf.5.xml:4047 sssd-ldap.5.xml:194 msgid "AD" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry><para> -#: sssd.conf.5.xml:4044 sssd.conf.5.xml:4047 sssd.conf.5.xml:4048 +#: sssd.conf.5.xml:4047 sssd.conf.5.xml:4050 sssd.conf.5.xml:4051 msgid "disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><informaltable><tgroup><tbody><row><entry> -#: sssd.conf.5.xml:4047 +#: sssd.conf.5.xml:4050 msgid "LDAP" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4052 +#: sssd.conf.5.xml:4055 msgid "" "Please note that if local Smartcard authentication is enabled and a " "Smartcard is present, Smartcard authentication will be preferred over the " @@ -4650,7 +4657,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4064 +#: sssd.conf.5.xml:4067 #, no-wrap msgid "" "[domain/shadowutils]\n" @@ -4661,7 +4668,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4060 +#: sssd.conf.5.xml:4063 msgid "" "The following configuration example allows local users to authenticate " "locally using any enabled method (i.e. smartcard, passkey). <placeholder " @@ -4669,38 +4676,38 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4072 +#: sssd.conf.5.xml:4075 msgid "" "It is expected that the <quote>files</quote> provider ignores the " "local_auth_policy option and supports Smartcard authentication by default." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4077 +#: sssd.conf.5.xml:4080 #, fuzzy #| msgid "Default: 3" msgid "Default: match" msgstr "默认: 3" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4082 +#: sssd.conf.5.xml:4085 msgid "auto_private_groups (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4088 +#: sssd.conf.5.xml:4091 msgid "true" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4091 +#: sssd.conf.5.xml:4094 msgid "" "Create user's private group unconditionally from user's UID number. The GID " "number is ignored in this case." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4095 +#: sssd.conf.5.xml:4098 msgid "" "NOTE: Because the GID number and the user private group are inferred from " "the UID number, it is not supported to have multiple entries with the same " @@ -4709,24 +4716,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4104 +#: sssd.conf.5.xml:4107 msgid "false" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4107 +#: sssd.conf.5.xml:4110 msgid "" "Always use the user's primary GID number. The GID number must refer to a " "group object in the LDAP database." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4113 +#: sssd.conf.5.xml:4116 msgid "hybrid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4116 +#: sssd.conf.5.xml:4119 msgid "" "A primary group is autogenerated for user entries whose UID and GID numbers " "have the same value and at the same time the GID number does not correspond " @@ -4736,14 +4743,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4129 +#: sssd.conf.5.xml:4132 msgid "" "If the UID and GID of a user are different, then the GID must correspond to " "a group entry, otherwise the GID is simply not resolvable." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4136 +#: sssd.conf.5.xml:4139 msgid "" "This feature is useful for environments that wish to stop maintaining a " "separate group objects for the user private groups, but also wish to retain " @@ -4751,21 +4758,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4085 +#: sssd.conf.5.xml:4088 msgid "" "This option takes any of three available values: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4148 +#: sssd.conf.5.xml:4151 msgid "" "For subdomains, the default value is False for subdomains that use assigned " "POSIX IDs and True for subdomains that use automatic ID-mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4156 +#: sssd.conf.5.xml:4159 #, no-wrap msgid "" "[domain/forest.domain/sub.domain]\n" @@ -4773,7 +4780,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd.conf.5.xml:4162 +#: sssd.conf.5.xml:4165 #, no-wrap msgid "" "[domain/forest.domain]\n" @@ -4782,7 +4789,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4153 +#: sssd.conf.5.xml:4156 msgid "" "The value of auto_private_groups can either be set per subdomains in a " "subsection, for example: <placeholder type=\"programlisting\" id=\"0\"/> or " @@ -4791,7 +4798,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:2552 +#: sssd.conf.5.xml:2555 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called <quote>[domain/<replaceable>NAME</" @@ -4799,17 +4806,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4177 +#: sssd.conf.5.xml:4180 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4180 +#: sssd.conf.5.xml:4183 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4183 +#: sssd.conf.5.xml:4186 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here. As an alternative you can " @@ -4817,12 +4824,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4193 +#: sssd.conf.5.xml:4196 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4196 +#: sssd.conf.5.xml:4199 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -4830,12 +4837,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4206 +#: sssd.conf.5.xml:4209 msgid "proxy_resolver_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4209 +#: sssd.conf.5.xml:4212 msgid "" "The name of the NSS library to use for hosts and networks lookups in proxy " "domains. The NSS functions searched for in the library are in the form of " @@ -4843,12 +4850,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4220 +#: sssd.conf.5.xml:4223 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4223 +#: sssd.conf.5.xml:4226 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -4857,12 +4864,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4237 +#: sssd.conf.5.xml:4240 msgid "proxy_max_children (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4240 +#: sssd.conf.5.xml:4243 msgid "" "This option specifies the number of pre-forked proxy children. It is useful " "for high-load SSSD environments where sssd may run out of available child " @@ -4870,19 +4877,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4173 +#: sssd.conf.5.xml:4176 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:4256 +#: sssd.conf.5.xml:4259 msgid "Application domains" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4258 +#: sssd.conf.5.xml:4261 msgid "" "SSSD, with its D-Bus interface (see <citerefentry> <refentrytitle>sssd-ifp</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry>) is appealing to " @@ -4899,7 +4906,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4278 +#: sssd.conf.5.xml:4281 msgid "" "Please note that the application domain must still be explicitly enabled in " "the <quote>domains</quote> parameter so that the lookup order between the " @@ -4907,17 +4914,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:4284 +#: sssd.conf.5.xml:4287 msgid "Application domain parameters" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4286 +#: sssd.conf.5.xml:4289 msgid "inherit_from (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4289 +#: sssd.conf.5.xml:4292 msgid "" "The SSSD POSIX-type domain the application domain inherits all settings " "from. The application domain can moreover add its own settings to the " @@ -4926,7 +4933,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:4303 +#: sssd.conf.5.xml:4306 msgid "" "The following example illustrates the use of an application domain. In this " "setup, the POSIX domain is connected to an LDAP server and is used by the OS " @@ -4936,7 +4943,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><programlisting> -#: sssd.conf.5.xml:4311 +#: sssd.conf.5.xml:4314 #, no-wrap msgid "" "[sssd]\n" @@ -4956,12 +4963,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4331 +#: sssd.conf.5.xml:4334 msgid "TRUSTED DOMAIN SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4333 +#: sssd.conf.5.xml:4336 msgid "" "Some options used in the domain section can also be used in the trusted " "domain section, that is, in a section called <quote>[domain/" @@ -4972,69 +4979,69 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4340 +#: sssd.conf.5.xml:4343 msgid "ldap_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4341 +#: sssd.conf.5.xml:4344 msgid "ldap_user_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4342 +#: sssd.conf.5.xml:4345 msgid "ldap_group_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4343 +#: sssd.conf.5.xml:4346 msgid "ldap_netgroup_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4344 +#: sssd.conf.5.xml:4347 msgid "ldap_service_search_base," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4345 +#: sssd.conf.5.xml:4348 msgid "ldap_sasl_mech," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4346 +#: sssd.conf.5.xml:4349 msgid "ad_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4347 +#: sssd.conf.5.xml:4350 msgid "ad_backup_server," msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4348 +#: sssd.conf.5.xml:4351 msgid "ad_site," msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4349 sssd-ipa.5.xml:884 +#: sssd.conf.5.xml:4352 sssd-ipa.5.xml:948 msgid "use_fully_qualified_names" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4353 +#: sssd.conf.5.xml:4356 msgid "" "For more details about these options see their individual description in the " "manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4359 +#: sssd.conf.5.xml:4362 msgid "CERTIFICATE MAPPING SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4361 +#: sssd.conf.5.xml:4364 msgid "" "To allow authentication with Smartcards and certificates SSSD must be able " "to map certificates to users. This can be done by adding the full " @@ -5047,7 +5054,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4375 +#: sssd.conf.5.xml:4378 msgid "" "To make the mapping more flexible mapping and matching rules were added to " "SSSD (see <citerefentry> <refentrytitle>sss-certmap</refentrytitle> " @@ -5055,7 +5062,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4384 +#: sssd.conf.5.xml:4387 msgid "" "A mapping and matching rule can be added to the SSSD configuration in a " "section on its own with a name like <quote>[certmap/" @@ -5064,55 +5071,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4391 +#: sssd.conf.5.xml:4394 msgid "matchrule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4394 +#: sssd.conf.5.xml:4397 msgid "" "Only certificates from the Smartcard which matches this rule will be " "processed, all others are ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4398 +#: sssd.conf.5.xml:4401 msgid "" "Default: KRB5:<EKU>clientAuth, i.e. only certificates which have the " "Extended Key Usage <quote>clientAuth</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4405 +#: sssd.conf.5.xml:4408 msgid "maprule (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4408 +#: sssd.conf.5.xml:4411 msgid "Defines how the user is found for a given certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4414 +#: sssd.conf.5.xml:4417 msgid "" "LDAP:(userCertificate;binary={cert!bin}) for LDAP based providers like " "<quote>ldap</quote>, <quote>AD</quote> or <quote>ipa</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4420 +#: sssd.conf.5.xml:4423 msgid "" -"The RULE_NAME for the <quote>files</quote> provider which tries to find a " -"user with the same name." +"If maprule is not set and provider is <quote>proxy</quote><phrase " +"condition=\"with_files_provider\">  or <quote>files</quote></phrase>, " +"the RULE_NAME name is assumed to be the name of the matching user." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4429 +#: sssd.conf.5.xml:4434 msgid "domains (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4432 +#: sssd.conf.5.xml:4437 msgid "" "Comma separated list of domain names the rule should be applied. By default " "a rule is only valid in the domain configured in sssd.conf. If the provider " @@ -5121,17 +5129,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4439 +#: sssd.conf.5.xml:4444 msgid "Default: the configured domain in sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4444 +#: sssd.conf.5.xml:4449 msgid "priority (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4447 +#: sssd.conf.5.xml:4452 msgid "" "Unsigned integer value defining the priority of the rule. The higher the " "number the lower the priority. <quote>0</quote> stands for the highest " @@ -5139,26 +5147,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4453 +#: sssd.conf.5.xml:4458 msgid "Default: the lowest priority" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4459 +#: sssd.conf.5.xml:4464 msgid "" "To make the configuration simple and reduce the amount of configuration " "options the <quote>files</quote> provider has some special properties:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4465 +#: sssd.conf.5.xml:4470 msgid "" "if maprule is not set the RULE_NAME name is assumed to be the name of the " "matching user" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4471 +#: sssd.conf.5.xml:4476 msgid "" "if a maprule is used both a single user name or a template like " "<quote>{subject_rfc822_name.short_name}</quote> must be in braces like e.g. " @@ -5167,17 +5175,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4480 +#: sssd.conf.5.xml:4485 msgid "the <quote>domains</quote> option is ignored" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4488 +#: sssd.conf.5.xml:4493 msgid "PROMPTING CONFIGURATION SECTION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4490 +#: sssd.conf.5.xml:4495 msgid "" "If a special file (<filename>/var/lib/sss/pubconf/pam_preauth_available</" "filename>) exists SSSD's PAM module pam_sss will ask SSSD to figure out " @@ -5187,7 +5195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4498 +#: sssd.conf.5.xml:4503 msgid "" "With the growing number of authentication methods and the possibility that " "there are multiple ones for a single user the heuristic used by pam_sss to " @@ -5196,59 +5204,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4510 +#: sssd.conf.5.xml:4515 msgid "[prompting/password]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4513 +#: sssd.conf.5.xml:4518 msgid "password_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4514 +#: sssd.conf.5.xml:4519 msgid "to change the string of the password prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4512 +#: sssd.conf.5.xml:4517 msgid "" "to configure password prompting, allowed options are: <placeholder " "type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4522 +#: sssd.conf.5.xml:4527 msgid "[prompting/2fa]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4526 +#: sssd.conf.5.xml:4531 msgid "first_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4527 +#: sssd.conf.5.xml:4532 msgid "to change the string of the prompt for the first factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4530 +#: sssd.conf.5.xml:4535 msgid "second_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4531 +#: sssd.conf.5.xml:4536 msgid "to change the string of the prompt for the second factor" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4534 +#: sssd.conf.5.xml:4539 msgid "single_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4535 +#: sssd.conf.5.xml:4540 msgid "" "boolean value, if True there will be only a single prompt using the value of " "first_prompt where it is expected that both factors are entered as a single " @@ -5257,7 +5265,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4524 +#: sssd.conf.5.xml:4529 msgid "" "to configure two-factor authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/> If the second factor is " @@ -5266,7 +5274,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4548 +#: sssd.conf.5.xml:4553 msgid "" "Some clients, such as SSH with 'PasswordAuthentication yes', generate their " "own prompts and do not use prompts provided by SSSD or other PAM modules. " @@ -5277,17 +5285,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4563 +#: sssd.conf.5.xml:4568 msgid "[prompting/passkey]" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:4569 sssd-ad.5.xml:1022 +#: sssd.conf.5.xml:4574 sssd-ad.5.xml:1022 msgid "interactive" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4571 +#: sssd.conf.5.xml:4576 msgid "" "boolean value, if True prompt a message and wait before testing the presence " "of a passkey device. Recommended if your device doesn’t have a tactile " @@ -5295,46 +5303,46 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4579 +#: sssd.conf.5.xml:4584 msgid "interactive_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4581 +#: sssd.conf.5.xml:4586 msgid "to change the message of the interactive prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4586 +#: sssd.conf.5.xml:4591 msgid "touch" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4588 +#: sssd.conf.5.xml:4593 msgid "" "boolean value, if True prompt a message to remind the user to touch the " "device." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:4594 +#: sssd.conf.5.xml:4599 msgid "touch_prompt" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4596 +#: sssd.conf.5.xml:4601 msgid "to change the message of the touch prompt." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:4565 +#: sssd.conf.5.xml:4570 msgid "" "to configure passkey authentication prompting, allowed options are: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4505 +#: sssd.conf.5.xml:4510 msgid "" "Each supported authentication method has its own configuration subsection " "under <quote>[prompting/...]</quote>. Currently there are: <placeholder " @@ -5343,7 +5351,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4607 +#: sssd.conf.5.xml:4612 msgid "" "It is possible to add a subsection for specific PAM services, e.g. " "<quote>[prompting/password/sshd]</quote> to individual change the prompting " @@ -5351,12 +5359,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:4614 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 +#: sssd.conf.5.xml:4619 pam_sss_gss.8.xml:157 idmap_sss.8.xml:43 msgid "EXAMPLES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4620 +#: sssd.conf.5.xml:4625 #, no-wrap msgid "" "[sssd]\n" @@ -5385,7 +5393,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4616 +#: sssd.conf.5.xml:4621 msgid "" "1. The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -5394,7 +5402,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4652 +#: sssd.conf.5.xml:4657 #, no-wrap msgid "" "[domain/ipa.com/child.ad.com]\n" @@ -5402,7 +5410,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4646 +#: sssd.conf.5.xml:4651 msgid "" "2. The following example shows configuration of IPA AD trust where the AD " "forest consists of two domains in a parent-child structure. Suppose IPA " @@ -5413,7 +5421,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:4663 +#: sssd.conf.5.xml:4668 #, no-wrap msgid "" "[certmap/my.domain/rule_name]\n" @@ -5424,7 +5432,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:4657 +#: sssd.conf.5.xml:4662 msgid "" "3. The following example shows the configuration of a certificate mapping " "rule. It is valid for the configured domain <quote>my.domain</quote> and " @@ -5694,8 +5702,17 @@ msgstr "" msgid "ldap_modify - Direct modification of userPassword (not recommended)." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> +#: sssd-ldap.5.xml:239 +msgid "" +"exop_force - Try Password Modify Extended Operation (RFC 3062) even if there " +"are no grace logins left. Depending on the type and configuration of the " +"LDAP server the password change might fail because an authenticated bind is " +"not possible." +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:240 +#: sssd-ldap.5.xml:251 msgid "" "Note: First, a new connection is established to verify current password by " "binding as the user that requested password change. If successful, this " @@ -5704,74 +5721,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:248 +#: sssd-ldap.5.xml:259 msgid "Default: exop" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:254 +#: sssd-ldap.5.xml:265 msgid "ldap_default_bind_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:257 +#: sssd-ldap.5.xml:268 msgid "The default bind DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#: sssd-ldap.5.xml:275 msgid "ldap_default_authtok_type (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 +#: sssd-ldap.5.xml:278 msgid "The type of the authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 +#: sssd-ldap.5.xml:282 msgid "The two mechanisms currently supported are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:274 +#: sssd-ldap.5.xml:285 msgid "password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:277 +#: sssd-ldap.5.xml:288 msgid "obfuscated_password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#: sssd-ldap.5.xml:291 msgid "Default: password" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:283 +#: sssd-ldap.5.xml:294 msgid "" "See the <citerefentry> <refentrytitle>sss_obfuscate</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> manual page for more information." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:294 +#: sssd-ldap.5.xml:305 msgid "ldap_default_authtok (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:297 +#: sssd-ldap.5.xml:308 msgid "The authentication token of the default bind DN." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:303 +#: sssd-ldap.5.xml:314 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:306 +#: sssd-ldap.5.xml:317 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -5780,24 +5797,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:319 +#: sssd-ldap.5.xml:330 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:322 +#: sssd-ldap.5.xml:333 msgid "" "Specifies how many seconds SSSD has to wait before refreshing its cache of " "enumerated records." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:338 +#: sssd-ldap.5.xml:349 msgid "ldap_purge_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:341 +#: sssd-ldap.5.xml:352 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " @@ -5805,7 +5822,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:347 +#: sssd-ldap.5.xml:358 msgid "" "Setting this option to zero will disable the cache cleanup operation. Please " "note that if enumeration is enabled, the cleanup task is required in order " @@ -5814,12 +5831,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:367 +#: sssd-ldap.5.xml:378 msgid "ldap_group_nesting_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:370 +#: sssd-ldap.5.xml:381 msgid "" "If ldap_schema is set to a schema format that supports nested groups (e.g. " "RFC2307bis), then this option controls how many levels of nesting SSSD will " @@ -5827,7 +5844,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:377 +#: sssd-ldap.5.xml:388 msgid "" "Note: This option specifies the guaranteed level of nested groups to be " "processed for any lookup. However, nested groups beyond this limit " @@ -5837,7 +5854,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:386 +#: sssd-ldap.5.xml:397 msgid "" "If ldap_group_nesting_level is set to 0 then no nested groups are processed " "at all. However, when connected to Active-Directory Server 2008 and later " @@ -5847,67 +5864,67 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:395 +#: sssd-ldap.5.xml:406 msgid "Default: 2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:404 +#: sssd-ldap.5.xml:415 msgid "" "This options enables or disables use of Token-Groups attribute when " "performing initgroup for users from Active Directory Server 2008 and later." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:414 +#: sssd-ldap.5.xml:425 msgid "Default: True for AD and IPA otherwise False." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:420 +#: sssd-ldap.5.xml:431 msgid "ldap_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:423 +#: sssd-ldap.5.xml:434 msgid "Optional. Use the given string as search base for host objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:427 sssd-ipa.5.xml:462 sssd-ipa.5.xml:481 sssd-ipa.5.xml:500 -#: sssd-ipa.5.xml:519 +#: sssd-ldap.5.xml:438 sssd-ipa.5.xml:526 sssd-ipa.5.xml:545 sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:583 msgid "" "See <quote>ldap_search_base</quote> for information about configuring " "multiple search bases." msgstr "" #. type: Content of: <listitem><para> -#: sssd-ldap.5.xml:432 sssd-ipa.5.xml:467 include/ldap_search_bases.xml:27 +#: sssd-ldap.5.xml:443 sssd-ipa.5.xml:531 include/ldap_search_bases.xml:27 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:439 +#: sssd-ldap.5.xml:450 msgid "ldap_service_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:444 +#: sssd-ldap.5.xml:455 msgid "ldap_iphost_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:449 +#: sssd-ldap.5.xml:460 msgid "ldap_ipnetwork_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:454 +#: sssd-ldap.5.xml:465 msgid "ldap_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:457 +#: sssd-ldap.5.xml:468 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -5915,7 +5932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:463 +#: sssd-ldap.5.xml:474 msgid "" "Note: this option is subject to change in future versions of the SSSD. It " "will likely be replaced at some point by a series of timeouts for specific " @@ -5923,12 +5940,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#: sssd-ldap.5.xml:491 msgid "ldap_enumeration_search_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#: sssd-ldap.5.xml:494 msgid "" "Specifies the timeout (in seconds) that ldap searches for user and group " "enumerations are allowed to run before they are cancelled and cached results " @@ -5936,12 +5953,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:501 +#: sssd-ldap.5.xml:512 msgid "ldap_network_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:504 +#: sssd-ldap.5.xml:515 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> </citerefentry>/" @@ -5952,12 +5969,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:532 +#: sssd-ldap.5.xml:543 msgid "ldap_opt_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:535 +#: sssd-ldap.5.xml:546 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " @@ -5966,12 +5983,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:555 +#: sssd-ldap.5.xml:566 msgid "ldap_connection_expire_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:558 +#: sssd-ldap.5.xml:569 msgid "" "Specifies a timeout (in seconds) that a connection to an LDAP server will be " "maintained. After this time, the connection will be re-established. If used " @@ -5980,7 +5997,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:566 +#: sssd-ldap.5.xml:577 msgid "" "If the connection is idle (not actively running an operation) within " "<emphasis>ldap_opt_timeout</emphasis> seconds of expiration, then it will be " @@ -5991,36 +6008,36 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:578 +#: sssd-ldap.5.xml:589 msgid "" "This timeout can be extended of a random value specified by " "<emphasis>ldap_connection_expire_offset</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:588 sssd-ldap.5.xml:631 sssd-ldap.5.xml:1749 +#: sssd-ldap.5.xml:599 sssd-ldap.5.xml:642 sssd-ldap.5.xml:1760 msgid "Default: 900 (15 minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:594 +#: sssd-ldap.5.xml:605 msgid "ldap_connection_expire_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:597 +#: sssd-ldap.5.xml:608 msgid "" "Random offset between 0 and configured value is added to " "<emphasis>ldap_connection_expire_timeout</emphasis>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:613 +#: sssd-ldap.5.xml:624 msgid "ldap_connection_idle_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:616 +#: sssd-ldap.5.xml:627 msgid "" "Specifies a timeout (in seconds) that an idle connection to an LDAP server " "will be maintained. If the connection is idle for more than this time then " @@ -6028,29 +6045,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:622 +#: sssd-ldap.5.xml:633 msgid "You can disable this timeout by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#: sssd-ldap.5.xml:648 msgid "ldap_page_size (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#: sssd-ldap.5.xml:651 msgid "" "Specify the number of records to retrieve from LDAP in a single request. " "Some LDAP servers enforce a maximum limit per-request." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:651 +#: sssd-ldap.5.xml:662 msgid "ldap_disable_paging (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:654 +#: sssd-ldap.5.xml:665 msgid "" "Disable the LDAP paging control. This option should be used if the LDAP " "server reports that it supports the LDAP paging control in its RootDSE but " @@ -6058,14 +6075,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:660 +#: sssd-ldap.5.xml:671 msgid "" "Example: OpenLDAP servers with the paging control module installed on the " "server but not enabled will report it in the RootDSE but be unable to use it." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:666 +#: sssd-ldap.5.xml:677 msgid "" "Example: 389 DS has a bug where it can only support a one paging control at " "a time on a single connection. On busy clients, this can result in some " @@ -6073,17 +6090,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:678 +#: sssd-ldap.5.xml:689 msgid "ldap_disable_range_retrieval (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:681 +#: sssd-ldap.5.xml:692 msgid "Disable Active Directory range retrieval." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:684 +#: sssd-ldap.5.xml:695 msgid "" "Active Directory limits the number of members to be retrieved in a single " "lookup using the MaxValRange policy (which defaults to 1500 members). If a " @@ -6093,12 +6110,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:699 +#: sssd-ldap.5.xml:710 msgid "ldap_sasl_minssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:702 +#: sssd-ldap.5.xml:713 msgid "" "When communicating with an LDAP server using SASL, specify the minimum " "security level necessary to establish the connection. The values of this " @@ -6106,17 +6123,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:708 sssd-ldap.5.xml:724 +#: sssd-ldap.5.xml:719 sssd-ldap.5.xml:735 msgid "Default: Use the system default (usually specified by ldap.conf)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:715 +#: sssd-ldap.5.xml:726 msgid "ldap_sasl_maxssf (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:718 +#: sssd-ldap.5.xml:729 msgid "" "When communicating with an LDAP server using SASL, specify the maximal " "security level necessary to establish the connection. The values of this " @@ -6124,12 +6141,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:731 +#: sssd-ldap.5.xml:742 msgid "ldap_deref_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:734 +#: sssd-ldap.5.xml:745 msgid "" "Specify the number of group members that must be missing from the internal " "cache in order to trigger a dereference lookup. If less members are missing, " @@ -6137,7 +6154,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:740 +#: sssd-ldap.5.xml:751 msgid "" "You can turn off dereference lookups completely by setting the value to 0. " "Please note that there are some codepaths in SSSD, like the IPA HBAC " @@ -6148,7 +6165,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:751 +#: sssd-ldap.5.xml:762 msgid "" "A dereference lookup is a means of fetching all group members in a single " "LDAP call. Different LDAP servers may implement different dereference " @@ -6157,7 +6174,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:759 +#: sssd-ldap.5.xml:770 msgid "" "<emphasis>Note:</emphasis> If any of the search bases specifies a search " "filter, then the dereference lookup performance enhancement will be disabled " @@ -6165,12 +6182,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:772 +#: sssd-ldap.5.xml:783 msgid "ldap_ignore_unreadable_references (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:775 +#: sssd-ldap.5.xml:786 msgid "" "Ignore unreadable LDAP entries referenced in group's member attribute. If " "this parameter is set to false an error will be returned and the operation " @@ -6178,7 +6195,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:782 +#: sssd-ldap.5.xml:793 msgid "" "This parameter may be useful when using the AD provider and the computer " "account that sssd uses to connect to AD does not have access to a particular " @@ -6186,26 +6203,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:795 +#: sssd-ldap.5.xml:806 msgid "ldap_tls_reqcert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:798 +#: sssd-ldap.5.xml:809 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:804 +#: sssd-ldap.5.xml:815 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:808 +#: sssd-ldap.5.xml:819 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6213,7 +6230,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:815 +#: sssd-ldap.5.xml:826 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " @@ -6221,7 +6238,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:821 +#: sssd-ldap.5.xml:832 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " @@ -6229,41 +6246,41 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#: sssd-ldap.5.xml:838 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 +#: sssd-ldap.5.xml:842 msgid "Default: hard" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#: sssd-ldap.5.xml:848 msgid "ldap_tls_cacert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#: sssd-ldap.5.xml:851 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 sssd-ldap.5.xml:864 sssd-ldap.5.xml:905 +#: sssd-ldap.5.xml:856 sssd-ldap.5.xml:875 sssd-ldap.5.xml:916 msgid "" "Default: use OpenLDAP defaults, typically in <filename>/etc/openldap/ldap." "conf</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:852 +#: sssd-ldap.5.xml:863 msgid "ldap_tls_cacertdir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:855 +#: sssd-ldap.5.xml:866 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -6273,32 +6290,32 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:871 +#: sssd-ldap.5.xml:882 msgid "ldap_tls_cert (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:874 +#: sssd-ldap.5.xml:885 msgid "Specifies the file that contains the certificate for the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:884 +#: sssd-ldap.5.xml:895 msgid "ldap_tls_key (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:887 +#: sssd-ldap.5.xml:898 msgid "Specifies the file that contains the client's key." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:896 +#: sssd-ldap.5.xml:907 msgid "ldap_tls_cipher_suite (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:899 +#: sssd-ldap.5.xml:910 msgid "" "Specifies acceptable cipher suites. Typically this is a colon separated " "list. See <citerefentry><refentrytitle>ldap.conf</refentrytitle> " @@ -6306,12 +6323,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:912 +#: sssd-ldap.5.xml:923 msgid "ldap_id_use_start_tls (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#: sssd-ldap.5.xml:926 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel. <emphasis>true</" @@ -6319,12 +6336,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:926 +#: sssd-ldap.5.xml:937 msgid "ldap_id_mapping (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#: sssd-ldap.5.xml:940 msgid "" "Specifies that SSSD should attempt to map user and group IDs from the " "ldap_user_objectsid and ldap_group_objectsid attributes instead of relying " @@ -6332,17 +6349,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:935 +#: sssd-ldap.5.xml:946 msgid "Currently this feature supports only ActiveDirectory objectSID mapping." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:945 +#: sssd-ldap.5.xml:956 msgid "ldap_min_id, ldap_max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:948 +#: sssd-ldap.5.xml:959 msgid "" "In contrast to the SID based ID mapping which is used if ldap_id_mapping is " "set to true the allowed ID range for ldap_user_uid_number and " @@ -6353,24 +6370,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:960 +#: sssd-ldap.5.xml:971 msgid "Default: not set (both options are set to 0)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:966 +#: sssd-ldap.5.xml:977 msgid "ldap_sasl_mech (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:969 +#: sssd-ldap.5.xml:980 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI and GSS-SPNEGO are " "tested and supported." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:973 +#: sssd-ldap.5.xml:984 msgid "" "If the backend supports sub-domains the value of ldap_sasl_mech is " "automatically inherited to the sub-domains. If a different value is needed " @@ -6381,12 +6398,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:989 +#: sssd-ldap.5.xml:1000 msgid "ldap_sasl_authid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> -#: sssd-ldap.5.xml:1001 +#: sssd-ldap.5.xml:1012 #, no-wrap msgid "" "hostname@REALM\n" @@ -6399,7 +6416,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:992 +#: sssd-ldap.5.xml:1003 msgid "" "Specify the SASL authorization id to use. When GSSAPI/GSS-SPNEGO are used, " "this represents the Kerberos principal used for authentication to the " @@ -6411,17 +6428,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1012 +#: sssd-ldap.5.xml:1023 msgid "Default: host/hostname@REALM" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1018 +#: sssd-ldap.5.xml:1029 msgid "ldap_sasl_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1021 +#: sssd-ldap.5.xml:1032 msgid "" "Specify the SASL realm to use. When not specified, this option defaults to " "the value of krb5_realm. If the ldap_sasl_authid contains the realm as " @@ -6429,49 +6446,49 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#: sssd-ldap.5.xml:1038 msgid "Default: the value of krb5_realm." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1033 +#: sssd-ldap.5.xml:1044 msgid "ldap_sasl_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#: sssd-ldap.5.xml:1047 msgid "" "If set to true, the LDAP library would perform a reverse lookup to " "canonicalize the host name during a SASL bind." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#: sssd-ldap.5.xml:1052 msgid "Default: false;" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1047 +#: sssd-ldap.5.xml:1058 msgid "ldap_krb5_keytab (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1050 +#: sssd-ldap.5.xml:1061 msgid "Specify the keytab to use when using SASL/GSSAPI/GSS-SPNEGO." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1059 sssd-krb5.5.xml:247 +#: sssd-ldap.5.xml:1070 sssd-krb5.5.xml:247 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1065 +#: sssd-ldap.5.xml:1076 msgid "ldap_krb5_init_creds (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1068 +#: sssd-ldap.5.xml:1079 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " @@ -6479,28 +6496,28 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1080 +#: sssd-ldap.5.xml:1091 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1083 +#: sssd-ldap.5.xml:1094 msgid "" "Specifies the lifetime in seconds of the TGT if GSSAPI or GSS-SPNEGO is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1092 sssd-ad.5.xml:1253 +#: sssd-ldap.5.xml:1103 sssd-ad.5.xml:1256 msgid "Default: 86400 (24 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 sssd-krb5.5.xml:74 +#: sssd-ldap.5.xml:1109 sssd-krb5.5.xml:74 msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#: sssd-ldap.5.xml:1112 msgid "" "Specifies the comma-separated list of IP addresses or hostnames of the " "Kerberos servers to which SSSD should connect in the order of preference. " @@ -6512,7 +6529,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1113 sssd-krb5.5.xml:89 +#: sssd-ldap.5.xml:1124 sssd-krb5.5.xml:89 msgid "" "When using service discovery for KDC or kpasswd servers, SSSD first searches " "for DNS entries that specify _udp as the protocol and falls back to _tcp if " @@ -6520,7 +6537,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1118 sssd-krb5.5.xml:94 +#: sssd-ldap.5.xml:1129 sssd-krb5.5.xml:94 msgid "" "This option was named <quote>krb5_kdcip</quote> in earlier releases of SSSD. " "While the legacy name is recognized for the time being, users are advised to " @@ -6528,39 +6545,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1127 sssd-ipa.5.xml:531 sssd-krb5.5.xml:103 +#: sssd-ldap.5.xml:1138 sssd-ipa.5.xml:595 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1130 +#: sssd-ldap.5.xml:1141 msgid "Specify the Kerberos REALM (for SASL/GSSAPI/GSS-SPNEGO auth)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1134 +#: sssd-ldap.5.xml:1145 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" #. type: Content of: <variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1140 include/krb5_options.xml:154 +#: sssd-ldap.5.xml:1151 include/krb5_options.xml:154 msgid "krb5_canonicalize (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1143 +#: sssd-ldap.5.xml:1154 msgid "" "Specifies if the host principal should be canonicalized when connecting to " "LDAP server. This feature is available with MIT Kerberos >= 1.7" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1155 sssd-krb5.5.xml:336 +#: sssd-ldap.5.xml:1166 sssd-krb5.5.xml:336 msgid "krb5_use_kdcinfo (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1158 sssd-krb5.5.xml:339 +#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:339 msgid "" "Specifies if the SSSD should instruct the Kerberos libraries what realm and " "which KDCs to use. This option is on by default, if you disable it, you need " @@ -6570,7 +6587,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1169 sssd-krb5.5.xml:350 +#: sssd-ldap.5.xml:1180 sssd-krb5.5.xml:350 msgid "" "See the <citerefentry> <refentrytitle>sssd_krb5_locator_plugin</" "refentrytitle> <manvolnum>8</manvolnum> </citerefentry> manual page for more " @@ -6578,26 +6595,26 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1183 +#: sssd-ldap.5.xml:1194 msgid "ldap_pwd_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1186 +#: sssd-ldap.5.xml:1197 msgid "" "Select the policy to evaluate the password expiration on the client side. " "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1191 +#: sssd-ldap.5.xml:1202 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1196 +#: sssd-ldap.5.xml:1207 msgid "" "<emphasis>shadow</emphasis> - Use <citerefentry><refentrytitle>shadow</" "refentrytitle> <manvolnum>5</manvolnum></citerefentry> style attributes to " @@ -6606,7 +6623,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1204 +#: sssd-ldap.5.xml:1215 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " @@ -6614,31 +6631,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1213 +#: sssd-ldap.5.xml:1224 msgid "" "<emphasis>Note</emphasis>: if a password policy is configured on server " "side, it always takes precedence over policy set with this option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1221 +#: sssd-ldap.5.xml:1232 msgid "ldap_referrals (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1224 +#: sssd-ldap.5.xml:1235 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1228 +#: sssd-ldap.5.xml:1239 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1233 +#: sssd-ldap.5.xml:1244 msgid "" "Chasing referrals may incur a performance penalty in environments that use " "them heavily, a notable example is Microsoft Active Directory. If your setup " @@ -6651,51 +6668,51 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1252 +#: sssd-ldap.5.xml:1263 msgid "ldap_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1255 +#: sssd-ldap.5.xml:1266 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1259 +#: sssd-ldap.5.xml:1270 msgid "Default: ldap" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1265 +#: sssd-ldap.5.xml:1276 msgid "ldap_chpass_dns_service_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1268 +#: sssd-ldap.5.xml:1279 msgid "" "Specifies the service name to use to find an LDAP server which allows " "password changes when service discovery is enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1273 +#: sssd-ldap.5.xml:1284 msgid "Default: not set, i.e. service discovery is disabled" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1279 +#: sssd-ldap.5.xml:1290 msgid "ldap_chpass_update_last_change (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1282 +#: sssd-ldap.5.xml:1293 msgid "" "Specifies whether to update the ldap_user_shadow_last_change attribute with " "days since the Epoch after a password change operation." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1288 +#: sssd-ldap.5.xml:1299 msgid "" "It is recommend to set this option explicitly if \"ldap_pwd_policy = " "shadow\" is used to let SSSD know if the LDAP server will update " @@ -6704,12 +6721,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1302 +#: sssd-ldap.5.xml:1313 msgid "ldap_access_filter (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1305 +#: sssd-ldap.5.xml:1316 msgid "" "If using access_provider = ldap and ldap_access_order = filter (default), " "this option is mandatory. It specifies an LDAP search filter criteria that " @@ -6725,12 +6742,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1325 +#: sssd-ldap.5.xml:1336 msgid "Example:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1328 +#: sssd-ldap.5.xml:1339 #, no-wrap msgid "" "access_provider = ldap\n" @@ -6739,14 +6756,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1332 +#: sssd-ldap.5.xml:1343 msgid "" "This example means that access to this host is restricted to users whose " "employeeType attribute is set to \"admin\"." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1337 +#: sssd-ldap.5.xml:1348 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -6755,24 +6772,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1345 sssd-ldap.5.xml:1401 +#: sssd-ldap.5.xml:1356 sssd-ldap.5.xml:1412 msgid "Default: Empty" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1351 +#: sssd-ldap.5.xml:1362 msgid "ldap_account_expire_policy (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1354 +#: sssd-ldap.5.xml:1365 msgid "" "With this option a client side evaluation of access control attributes can " "be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1358 +#: sssd-ldap.5.xml:1369 msgid "" "Please note that it is always recommended to use server side access control, " "i.e. the LDAP server should deny the bind request with a suitable error code " @@ -6780,19 +6797,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1365 +#: sssd-ldap.5.xml:1376 msgid "The following values are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1368 +#: sssd-ldap.5.xml:1379 msgid "" "<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " "determine if the account is expired." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1373 +#: sssd-ldap.5.xml:1384 msgid "" "<emphasis>ad</emphasis>: use the value of the 32bit field " "ldap_user_ad_user_account_control and allow access if the second bit is not " @@ -6801,7 +6818,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1380 +#: sssd-ldap.5.xml:1391 msgid "" "<emphasis>rhds</emphasis>, <emphasis>ipa</emphasis>, <emphasis>389ds</" "emphasis>: use the value of ldap_ns_account_lock to check if access is " @@ -6809,7 +6826,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1386 +#: sssd-ldap.5.xml:1397 msgid "" "<emphasis>nds</emphasis>: the values of " "ldap_user_nds_login_allowed_time_map, ldap_user_nds_login_disabled and " @@ -6818,7 +6835,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1394 +#: sssd-ldap.5.xml:1405 msgid "" "Please note that the ldap_access_order configuration option <emphasis>must</" "emphasis> include <quote>expire</quote> in order for the " @@ -6826,22 +6843,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1407 +#: sssd-ldap.5.xml:1418 msgid "ldap_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1410 sssd-ipa.5.xml:356 +#: sssd-ldap.5.xml:1421 sssd-ipa.5.xml:420 msgid "Comma separated list of access control options. Allowed values are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1414 +#: sssd-ldap.5.xml:1425 msgid "<emphasis>filter</emphasis>: use ldap_access_filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1417 +#: sssd-ldap.5.xml:1428 msgid "" "<emphasis>lockout</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6851,14 +6868,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1427 +#: sssd-ldap.5.xml:1438 msgid "" "<emphasis> Please note that this option is superseded by the <quote>ppolicy</" "quote> option and might be removed in a future release. </emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1434 +#: sssd-ldap.5.xml:1445 msgid "" "<emphasis>ppolicy</emphasis>: use account locking. If set, this option " "denies access in case that ldap attribute 'pwdAccountLockedTime' is present " @@ -6871,12 +6888,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1451 +#: sssd-ldap.5.xml:1462 msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1455 sssd-ipa.5.xml:364 +#: sssd-ldap.5.xml:1466 sssd-ipa.5.xml:428 msgid "" "<emphasis>pwd_expire_policy_reject, pwd_expire_policy_warn, " "pwd_expire_policy_renew: </emphasis> These options are useful if users are " @@ -6886,31 +6903,31 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1465 sssd-ipa.5.xml:374 +#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:438 msgid "" "The difference between these options is the action taken if user password is " "expired:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1470 sssd-ipa.5.xml:379 +#: sssd-ldap.5.xml:1481 sssd-ipa.5.xml:443 msgid "pwd_expire_policy_reject - user is denied to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1476 sssd-ipa.5.xml:385 +#: sssd-ldap.5.xml:1487 sssd-ipa.5.xml:449 msgid "pwd_expire_policy_warn - user is still able to log in," msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ldap.5.xml:1482 sssd-ipa.5.xml:391 +#: sssd-ldap.5.xml:1493 sssd-ipa.5.xml:455 msgid "" "pwd_expire_policy_renew - user is prompted to change their password " "immediately." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1490 +#: sssd-ldap.5.xml:1501 msgid "" "Please note that 'access_provider = ldap' must be set for this feature to " "work. Also 'ldap_pwd_policy' must be set to shadow or mit_kerberos, these " @@ -6918,50 +6935,50 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1496 +#: sssd-ldap.5.xml:1507 msgid "" "<emphasis>authorized_service</emphasis>: use the authorizedService attribute " "to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1501 +#: sssd-ldap.5.xml:1512 msgid "<emphasis>host</emphasis>: use the host attribute to determine access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1505 +#: sssd-ldap.5.xml:1516 msgid "" "<emphasis>rhost</emphasis>: use the rhost attribute to determine whether " "remote host can access" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1509 +#: sssd-ldap.5.xml:1520 msgid "" "Please note, rhost field in pam is set by application, it is better to check " "what the application sends to pam, before enabling this access control option" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1514 +#: sssd-ldap.5.xml:1525 msgid "Default: filter" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1517 +#: sssd-ldap.5.xml:1528 msgid "" "Please note that it is a configuration error if a value is used more than " "once." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1524 +#: sssd-ldap.5.xml:1535 msgid "ldap_pwdlockout_dn (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1527 +#: sssd-ldap.5.xml:1538 msgid "" "This option specifies the DN of password policy entry on LDAP server. Please " "note that absence of this option in sssd.conf in case of enabled account " @@ -6970,74 +6987,74 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1535 +#: sssd-ldap.5.xml:1546 msgid "Example: cn=ppolicy,ou=policies,dc=example,dc=com" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1538 +#: sssd-ldap.5.xml:1549 msgid "Default: cn=ppolicy,ou=policies,$ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1544 +#: sssd-ldap.5.xml:1555 msgid "ldap_deref (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1547 +#: sssd-ldap.5.xml:1558 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1552 +#: sssd-ldap.5.xml:1563 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1556 +#: sssd-ldap.5.xml:1567 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1561 +#: sssd-ldap.5.xml:1572 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1566 +#: sssd-ldap.5.xml:1577 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1571 +#: sssd-ldap.5.xml:1582 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1579 +#: sssd-ldap.5.xml:1590 msgid "ldap_rfc2307_fallback_to_local_users (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1582 +#: sssd-ldap.5.xml:1593 msgid "" "Allows to retain local users as members of an LDAP group for servers that " "use the RFC2307 schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1586 +#: sssd-ldap.5.xml:1597 msgid "" "In some environments where the RFC2307 schema is used, local users are made " "members of LDAP groups by adding their names to the memberUid attribute. " @@ -7048,7 +7065,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1597 +#: sssd-ldap.5.xml:1608 msgid "" "This option falls back to checking if local users are referenced, and caches " "them so that later initgroups() calls will augment the local users with the " @@ -7056,58 +7073,58 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1609 sssd-ifp.5.xml:152 +#: sssd-ldap.5.xml:1620 sssd-ifp.5.xml:152 msgid "wildcard_limit (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1612 +#: sssd-ldap.5.xml:1623 msgid "" "Specifies an upper limit on the number of entries that are downloaded during " "a wildcard lookup." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1616 +#: sssd-ldap.5.xml:1627 msgid "At the moment, only the InfoPipe responder supports wildcard lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1620 +#: sssd-ldap.5.xml:1631 msgid "Default: 1000 (often the size of one page)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1626 +#: sssd-ldap.5.xml:1637 msgid "ldap_library_debug_level (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1629 +#: sssd-ldap.5.xml:1640 msgid "" "Switches on libldap debugging with the given level. The libldap debug " "messages will be written independent of the general debug_level." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1634 +#: sssd-ldap.5.xml:1645 msgid "" "OpenLDAP uses a bitmap to enable debugging for specific components, -1 will " "enable full debug output." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1639 +#: sssd-ldap.5.xml:1650 msgid "Default: 0 (libldap debugging disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1645 +#: sssd-ldap.5.xml:1656 msgid "ldap_use_ppolicy (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1648 +#: sssd-ldap.5.xml:1659 msgid "" "Turns on requesting and relying on the server-side password policy controls. " "Disabling this allows interacting with services which send back invalid " @@ -7115,12 +7132,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1660 +#: sssd-ldap.5.xml:1671 msgid "ldap_ppolicy_pwd_change_threshold (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1663 +#: sssd-ldap.5.xml:1674 msgid "" "Forces a password change when server side password policy controls are " "enabled and remaining grace logins returned by the server after the " @@ -7143,12 +7160,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1683 +#: sssd-ldap.5.xml:1694 msgid "SUDO OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1685 +#: sssd-ldap.5.xml:1696 msgid "" "The detailed instructions for configuration of sudo_provider are in the " "manual page <citerefentry> <refentrytitle>sssd-sudo</refentrytitle> " @@ -7156,43 +7173,43 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1696 +#: sssd-ldap.5.xml:1707 msgid "ldap_sudo_full_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1699 +#: sssd-ldap.5.xml:1710 msgid "" "How many seconds SSSD will wait between executing a full refresh of sudo " "rules (which downloads all rules that are stored on the server)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1704 +#: sssd-ldap.5.xml:1715 msgid "" "The value must be greater than <emphasis>ldap_sudo_smart_refresh_interval </" "emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1709 +#: sssd-ldap.5.xml:1720 msgid "" "You can disable full refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1714 +#: sssd-ldap.5.xml:1725 msgid "Default: 21600 (6 hours)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1720 +#: sssd-ldap.5.xml:1731 msgid "ldap_sudo_smart_refresh_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1723 +#: sssd-ldap.5.xml:1734 msgid "" "How many seconds SSSD has to wait before executing a smart refresh of sudo " "rules (which downloads all rules that have USN higher than the highest " @@ -7200,14 +7217,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1729 +#: sssd-ldap.5.xml:1740 msgid "" "If USN attributes are not supported by the server, the modifyTimestamp " "attribute is used instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1733 +#: sssd-ldap.5.xml:1744 msgid "" "<emphasis>Note:</emphasis> the highest USN value can be updated by three " "tasks: 1) By sudo full and smart refresh (if updated rules are found), 2) by " @@ -7217,19 +7234,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1744 +#: sssd-ldap.5.xml:1755 msgid "" "You can disable smart refresh by setting this option to 0. However, either " "smart or full refresh must be enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1755 +#: sssd-ldap.5.xml:1766 msgid "ldap_sudo_random_offset (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1758 +#: sssd-ldap.5.xml:1769 msgid "" "Random offset between 0 and configured value is added to smart and full " "refresh periods each time the periodic task is scheduled. The value is in " @@ -7237,7 +7254,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1764 +#: sssd-ldap.5.xml:1775 msgid "" "Note that this random offset is also applied on the first SSSD start which " "delays the first sudo rules refresh. This prolongs the time when the sudo " @@ -7245,106 +7262,106 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1770 +#: sssd-ldap.5.xml:1781 msgid "You can disable this offset by setting the value to 0." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1780 +#: sssd-ldap.5.xml:1791 msgid "ldap_sudo_use_host_filter (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1783 +#: sssd-ldap.5.xml:1794 msgid "" "If true, SSSD will download only rules that are applicable to this machine " "(using the IPv4 or IPv6 host/network addresses and hostnames)." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1794 +#: sssd-ldap.5.xml:1805 msgid "ldap_sudo_hostnames (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1797 +#: sssd-ldap.5.xml:1808 msgid "" "Space separated list of hostnames or fully qualified domain names that " "should be used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1802 +#: sssd-ldap.5.xml:1813 msgid "" "If this option is empty, SSSD will try to discover the hostname and the " "fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1807 sssd-ldap.5.xml:1830 sssd-ldap.5.xml:1848 -#: sssd-ldap.5.xml:1866 +#: sssd-ldap.5.xml:1818 sssd-ldap.5.xml:1841 sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1877 msgid "" "If <emphasis>ldap_sudo_use_host_filter</emphasis> is <emphasis>false</" "emphasis> then this option has no effect." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1812 sssd-ldap.5.xml:1835 +#: sssd-ldap.5.xml:1823 sssd-ldap.5.xml:1846 msgid "Default: not specified" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1818 +#: sssd-ldap.5.xml:1829 msgid "ldap_sudo_ip (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1821 +#: sssd-ldap.5.xml:1832 msgid "" "Space separated list of IPv4 or IPv6 host/network addresses that should be " "used to filter the rules." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1826 +#: sssd-ldap.5.xml:1837 msgid "" "If this option is empty, SSSD will try to discover the addresses " "automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1841 +#: sssd-ldap.5.xml:1852 msgid "ldap_sudo_include_netgroups (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1844 +#: sssd-ldap.5.xml:1855 msgid "" "If true then SSSD will download every rule that contains a netgroup in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1859 +#: sssd-ldap.5.xml:1870 msgid "ldap_sudo_include_regexp (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1862 +#: sssd-ldap.5.xml:1873 msgid "" "If true then SSSD will download every rule that contains a wildcard in " "sudoHost attribute." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><note><para> -#: sssd-ldap.5.xml:1872 +#: sssd-ldap.5.xml:1883 msgid "" "Using wildcard is an operation that is very costly to evaluate on the LDAP " "server side!" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1884 +#: sssd-ldap.5.xml:1895 msgid "" "This manual page only describes attribute name mapping. For detailed " "explanation of sudo related attribute semantics, see <citerefentry> " @@ -7353,59 +7370,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1894 +#: sssd-ldap.5.xml:1905 msgid "AUTOFS OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1896 +#: sssd-ldap.5.xml:1907 msgid "" "Some of the defaults for the parameters below are dependent on the LDAP " "schema." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1902 +#: sssd-ldap.5.xml:1913 msgid "ldap_autofs_map_master_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1905 +#: sssd-ldap.5.xml:1916 msgid "The name of the automount master map in LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1908 +#: sssd-ldap.5.xml:1919 msgid "Default: auto.master" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1919 +#: sssd-ldap.5.xml:1930 msgid "ADVANCED OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1926 +#: sssd-ldap.5.xml:1937 msgid "ldap_netgroup_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1931 +#: sssd-ldap.5.xml:1942 msgid "ldap_user_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1936 +#: sssd-ldap.5.xml:1947 msgid "ldap_group_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note> -#: sssd-ldap.5.xml:1941 +#: sssd-ldap.5.xml:1952 msgid "<note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><note><para> -#: sssd-ldap.5.xml:1943 +#: sssd-ldap.5.xml:1954 msgid "" "If the option <quote>ldap_use_tokengroups</quote> is enabled, the searches " "against Active Directory will not be restricted and return all groups " @@ -7414,22 +7431,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist> -#: sssd-ldap.5.xml:1950 +#: sssd-ldap.5.xml:1961 msgid "</note>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1952 +#: sssd-ldap.5.xml:1963 msgid "ldap_sudo_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1957 +#: sssd-ldap.5.xml:1968 msgid "ldap_autofs_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1921 +#: sssd-ldap.5.xml:1932 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " @@ -7438,14 +7455,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1972 sssd-simple.5.xml:131 sssd-ipa.5.xml:930 -#: sssd-ad.5.xml:1392 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 +#: sssd-ldap.5.xml:1983 sssd-simple.5.xml:131 sssd-ipa.5.xml:994 +#: sssd-ad.5.xml:1459 sssd-krb5.5.xml:483 sss_rpcidmapd.5.xml:98 #: sssd-files.5.xml:155 sssd-session-recording.5.xml:176 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1974 +#: sssd-ldap.5.xml:1985 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " @@ -7453,7 +7470,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1980 +#: sssd-ldap.5.xml:1991 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7466,27 +7483,27 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:1979 sssd-ldap.5.xml:1997 sssd-simple.5.xml:139 -#: sssd-ipa.5.xml:938 sssd-ad.5.xml:1400 sssd-sudo.5.xml:56 sssd-krb5.5.xml:492 -#: sssd-files.5.xml:162 sssd-files.5.xml:173 sssd-session-recording.5.xml:182 -#: include/ldap_id_mapping.xml:105 +#: sssd-ldap.5.xml:1990 sssd-ldap.5.xml:2008 sssd-simple.5.xml:139 +#: sssd-ipa.5.xml:1002 sssd-ad.5.xml:1467 sssd-sudo.5.xml:56 +#: sssd-krb5.5.xml:492 sssd-files.5.xml:162 sssd-files.5.xml:173 +#: sssd-session-recording.5.xml:182 include/ldap_id_mapping.xml:105 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1991 +#: sssd-ldap.5.xml:2002 msgid "LDAP ACCESS FILTER EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1993 +#: sssd-ldap.5.xml:2004 msgid "" "The following example assumes that SSSD is correctly configured and to use " "the ldap_access_order=lockout." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1998 +#: sssd-ldap.5.xml:2009 #, no-wrap msgid "" "[domain/LDAP]\n" @@ -7502,13 +7519,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:2013 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 -#: sssd-ad.5.xml:1415 sssd.8.xml:270 sss_seed.8.xml:163 +#: sssd-ldap.5.xml:2024 sssd_krb5_locator_plugin.8.xml:83 sssd-simple.5.xml:148 +#: sssd-ad.5.xml:1482 sssd.8.xml:270 sss_seed.8.xml:163 msgid "NOTES" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:2015 +#: sssd-ldap.5.xml:2026 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -9747,7 +9764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1182 +#: sssd-ipa.5.xml:129 sssd-ad.5.xml:1185 msgid "dyndns_update (boolean)" msgstr "" @@ -9762,7 +9779,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1196 +#: sssd-ipa.5.xml:141 sssd-ad.5.xml:1199 msgid "" "NOTE: On older systems (such as RHEL 5), for this behavior to work reliably, " "the default Kerberos realm must be set properly in /etc/krb5.conf" @@ -9777,12 +9794,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1207 +#: sssd-ipa.5.xml:158 sssd-ad.5.xml:1210 msgid "dyndns_ttl (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1210 +#: sssd-ipa.5.xml:161 sssd-ad.5.xml:1213 msgid "" "The TTL to apply to the client DNS record when updating it. If " "dyndns_update is false this has no effect. This will override the TTL " @@ -9803,12 +9820,12 @@ msgid "Default: 1200 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1221 +#: sssd-ipa.5.xml:178 sssd-ad.5.xml:1224 msgid "dyndns_iface (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1224 +#: sssd-ipa.5.xml:181 sssd-ad.5.xml:1227 msgid "" "Optional. Applicable only when dyndns_update is true. Choose the interface " "or a list of interfaces whose IP addresses should be used for dynamic DNS " @@ -9832,17 +9849,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1235 +#: sssd-ipa.5.xml:198 sssd-ad.5.xml:1238 msgid "Example: dyndns_iface = em1, vnet1, vnet2" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1291 +#: sssd-ipa.5.xml:204 sssd-ad.5.xml:1294 msgid "dyndns_auth (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1294 +#: sssd-ipa.5.xml:207 sssd-ad.5.xml:1297 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "updates with the DNS server, insecure updates can be sent by setting this " @@ -9850,17 +9867,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1300 +#: sssd-ipa.5.xml:213 sssd-ad.5.xml:1303 msgid "Default: GSS-TSIG" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1306 +#: sssd-ipa.5.xml:219 sssd-ad.5.xml:1309 msgid "dyndns_auth_ptr (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1309 +#: sssd-ipa.5.xml:222 sssd-ad.5.xml:1312 msgid "" "Whether the nsupdate utility should use GSS-TSIG authentication for secure " "PTR updates with the DNS server, insecure updates can be sent by setting " @@ -9868,7 +9885,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1315 +#: sssd-ipa.5.xml:228 sssd-ad.5.xml:1318 msgid "Default: Same as dyndns_auth" msgstr "" @@ -9895,7 +9912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1241 +#: sssd-ipa.5.xml:260 sssd-ad.5.xml:1244 msgid "dyndns_refresh_interval (integer)" msgstr "" @@ -9908,12 +9925,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1259 +#: sssd-ipa.5.xml:276 sssd-ad.5.xml:1262 msgid "dyndns_update_ptr (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1262 +#: sssd-ipa.5.xml:279 sssd-ad.5.xml:1265 msgid "" "Whether the PTR record should also be explicitly updated when updating the " "client's DNS records. Applicable only when dyndns_update is true." @@ -9927,7 +9944,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1267 +#: sssd-ipa.5.xml:290 sssd-ad.5.xml:1270 msgid "" "Note that <emphasis>dyndns_update_per_family</emphasis> parameter does not " "apply for PTR record updates. Those updates are always sent separately." @@ -9939,60 +9956,77 @@ msgid "Default: False (disabled)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1278 +#: sssd-ipa.5.xml:301 sssd-ad.5.xml:1281 msgid "dyndns_force_tcp (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1281 +#: sssd-ipa.5.xml:304 sssd-ad.5.xml:1284 msgid "" "Whether the nsupdate utility should default to using TCP for communicating " "with the DNS server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1285 +#: sssd-ipa.5.xml:308 sssd-ad.5.xml:1288 msgid "Default: False (let nsupdate choose the protocol)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1321 +#: sssd-ipa.5.xml:314 sssd-ad.5.xml:1324 msgid "dyndns_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1324 +#: sssd-ipa.5.xml:317 sssd-ad.5.xml:1327 msgid "" "The DNS server to use when performing a DNS update. In most setups, it's " "recommended to leave this option unset." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1329 +#: sssd-ipa.5.xml:322 sssd-ad.5.xml:1332 msgid "" "Setting this option makes sense for environments where the DNS server is " -"different from the identity server." +"different from the identity server or when we use encrypted DNS." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1337 +msgid "" +"The parameter can be a simple string containing DNS name or IP address. It " +"can also be an URI. The URI can look like <emphasis>dns://servername/</" +"emphasis> or <emphasis>dns+tls://1.2.3.4:853#servername/</emphasis>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:334 sssd-ad.5.xml:1344 +msgid "" +"The second example enables DNS-over-TLS protocol for DNS updates. The " +"nsupdate utility must support DoT - check the <emphasis>man nsupdate</" +"emphasis> before enabling it in SSSD." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:327 sssd-ad.5.xml:1334 +#: sssd-ipa.5.xml:340 sssd-ad.5.xml:1350 msgid "" "Please note that this option will be only used in fallback attempt when " -"previous attempt using autodetected settings failed." +"previous attempt using autodetected settings failed or when DNS-over-TLS is " +"enabled." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:332 sssd-ad.5.xml:1339 +#: sssd-ipa.5.xml:346 sssd-ad.5.xml:1356 msgid "Default: None (let nsupdate choose the server)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:338 sssd-ad.5.xml:1345 +#: sssd-ipa.5.xml:352 sssd-ad.5.xml:1362 msgid "dyndns_update_per_family (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:341 sssd-ad.5.xml:1348 +#: sssd-ipa.5.xml:355 sssd-ad.5.xml:1365 msgid "" "DNS update is by default performed in two steps - IPv4 update and then IPv6 " "update. In some cases it might be desirable to perform IPv4 and IPv6 update " @@ -10000,177 +10034,233 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:353 +#: sssd-ipa.5.xml:367 sssd-ad.5.xml:1377 +msgid "dyndns_dot_cacert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:370 sssd-ad.5.xml:1380 +msgid "" +"This option specifies the file of the certificate authorities certificates " +"(in PEM format) in order to verify the remote server TLS certificate when " +"using DoT." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:376 sssd-ad.5.xml:1386 +msgid "Default: None (use global certificate store)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:382 sssd-ad.5.xml:1392 +msgid "dyndns_dot_cert (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:385 sssd-ad.5.xml:1395 +msgid "" +"This option sets the certificate(s) file for authentication for the DoT " +"transport to the remote server. The certificate chain file is expected to be " +"in PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:391 sssd-ad.5.xml:1401 +msgid "" +"The <emphasis>dyndns_dot_cert</emphasis> and <emphasis>dyndns_dot_key</" +"emphasis> options must be both set to achieve mutual TLS authentication." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:396 sssd-ipa.5.xml:411 sssd-ad.5.xml:1406 sssd-ad.5.xml:1421 +msgid "Default: None (Do not use TLS authentication)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:402 sssd-ad.5.xml:1412 +msgid "dyndns_dot_key (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:405 sssd-ad.5.xml:1415 +msgid "" +"This option sets the key file for authenticated encryption for the DoT " +"transport to the remote server. The private key file is expected to be in " +"PEM format." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:417 msgid "ipa_access_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:360 +#: sssd-ipa.5.xml:424 msgid "<emphasis>expire</emphasis>: use IPA's account expiration policy." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:399 +#: sssd-ipa.5.xml:463 msgid "" "Please note that 'access_provider = ipa' must be set for this feature to " "work." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:406 +#: sssd-ipa.5.xml:470 msgid "ipa_deskprofile_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:409 +#: sssd-ipa.5.xml:473 msgid "" "Optional. Use the given string as search base for Desktop Profile related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:413 sssd-ipa.5.xml:440 +#: sssd-ipa.5.xml:477 sssd-ipa.5.xml:504 msgid "Default: Use base DN" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:419 +#: sssd-ipa.5.xml:483 msgid "ipa_subid_ranges_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:422 +#: sssd-ipa.5.xml:486 msgid "" "Optional. Use the given string as search base for subordinate ranges related " "objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:426 +#: sssd-ipa.5.xml:490 msgid "Default: the value of <emphasis>cn=subids,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:433 +#: sssd-ipa.5.xml:497 msgid "ipa_hbac_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:436 +#: sssd-ipa.5.xml:500 msgid "Optional. Use the given string as search base for HBAC related objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:446 +#: sssd-ipa.5.xml:510 msgid "ipa_host_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:449 +#: sssd-ipa.5.xml:513 msgid "Deprecated. Use ldap_host_search_base instead." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:455 +#: sssd-ipa.5.xml:519 msgid "ipa_selinux_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:458 +#: sssd-ipa.5.xml:522 msgid "Optional. Use the given string as search base for SELinux user maps." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:474 +#: sssd-ipa.5.xml:538 msgid "ipa_subdomains_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:477 +#: sssd-ipa.5.xml:541 msgid "Optional. Use the given string as search base for trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:486 +#: sssd-ipa.5.xml:550 msgid "Default: the value of <emphasis>cn=trusts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:493 +#: sssd-ipa.5.xml:557 msgid "ipa_master_domain_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:496 +#: sssd-ipa.5.xml:560 msgid "Optional. Use the given string as search base for master domain object." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:505 +#: sssd-ipa.5.xml:569 msgid "Default: the value of <emphasis>cn=ad,cn=etc,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:512 +#: sssd-ipa.5.xml:576 msgid "ipa_views_search_base (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:515 +#: sssd-ipa.5.xml:579 msgid "Optional. Use the given string as search base for views containers." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:524 +#: sssd-ipa.5.xml:588 msgid "Default: the value of <emphasis>cn=views,cn=accounts,%basedn</emphasis>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:534 +#: sssd-ipa.5.xml:598 msgid "" "The name of the Kerberos realm. This is optional and defaults to the value " "of <quote>ipa_domain</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:538 +#: sssd-ipa.5.xml:602 msgid "" "The name of the Kerberos realm has a special meaning in IPA - it is " "converted into the base DN to use for performing LDAP operations." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:546 sssd-ad.5.xml:1363 +#: sssd-ipa.5.xml:610 sssd-ad.5.xml:1430 msgid "krb5_confd_path (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:549 sssd-ad.5.xml:1366 +#: sssd-ipa.5.xml:613 sssd-ad.5.xml:1433 msgid "" "Absolute path of a directory where SSSD should place Kerberos configuration " "snippets." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:553 sssd-ad.5.xml:1370 +#: sssd-ipa.5.xml:617 sssd-ad.5.xml:1437 msgid "" "To disable the creation of the configuration snippets set the parameter to " "'none'." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:557 sssd-ad.5.xml:1374 +#: sssd-ipa.5.xml:621 sssd-ad.5.xml:1441 msgid "" "Default: not set (krb5.include.d subdirectory of SSSD's pubconf directory)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:564 +#: sssd-ipa.5.xml:628 msgid "ipa_deskprofile_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:567 +#: sssd-ipa.5.xml:631 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server. This will reduce the latency and load on the IPA server if there " @@ -10178,34 +10268,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:574 sssd-ipa.5.xml:604 sssd-ipa.5.xml:620 sssd-ad.5.xml:600 +#: sssd-ipa.5.xml:638 sssd-ipa.5.xml:668 sssd-ipa.5.xml:684 sssd-ad.5.xml:600 msgid "Default: 5 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:580 +#: sssd-ipa.5.xml:644 msgid "ipa_deskprofile_request_interval (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:583 +#: sssd-ipa.5.xml:647 msgid "" "The amount of time between lookups of the Desktop Profile rules against the " "IPA server in case the last request did not return any rule." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:588 +#: sssd-ipa.5.xml:652 msgid "Default: 60 (minutes)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:594 +#: sssd-ipa.5.xml:658 msgid "ipa_hbac_refresh (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:597 +#: sssd-ipa.5.xml:661 msgid "" "The amount of time between lookups of the HBAC rules against the IPA server. " "This will reduce the latency and load on the IPA server if there are many " @@ -10213,12 +10303,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:610 +#: sssd-ipa.5.xml:674 msgid "ipa_hbac_selinux (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:613 +#: sssd-ipa.5.xml:677 msgid "" "The amount of time between lookups of the SELinux maps against the IPA " "server. This will reduce the latency and load on the IPA server if there are " @@ -10226,33 +10316,33 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:626 +#: sssd-ipa.5.xml:690 msgid "ipa_server_mode (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:629 +#: sssd-ipa.5.xml:693 msgid "" "This option will be set by the IPA installer (ipa-server-install) " "automatically and denotes if SSSD is running on an IPA server or not." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:634 +#: sssd-ipa.5.xml:698 msgid "" "On an IPA server SSSD will lookup users and groups from trusted domains " "directly while on a client it will ask an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:639 +#: sssd-ipa.5.xml:703 msgid "" "NOTE: There are currently some assumptions that must be met when SSSD is " "running on an IPA server." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:644 +#: sssd-ipa.5.xml:708 msgid "" "The <quote>ipa_server</quote> option must be configured to point to the IPA " "server itself. This is already the default set by the IPA installer, so no " @@ -10260,59 +10350,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:653 +#: sssd-ipa.5.xml:717 msgid "" "The <quote>full_name_format</quote> option must not be tweaked to only print " "short names for users from trusted domains." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:668 +#: sssd-ipa.5.xml:732 msgid "ipa_automount_location (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:671 +#: sssd-ipa.5.xml:735 msgid "The automounter location this IPA client will be using" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:674 +#: sssd-ipa.5.xml:738 msgid "Default: The location named \"default\"" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:682 +#: sssd-ipa.5.xml:746 msgid "VIEWS AND OVERRIDES" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:691 +#: sssd-ipa.5.xml:755 msgid "ipa_view_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:694 +#: sssd-ipa.5.xml:758 msgid "Objectclass of the view container." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:697 +#: sssd-ipa.5.xml:761 msgid "Default: nsContainer" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:703 +#: sssd-ipa.5.xml:767 msgid "ipa_view_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:706 +#: sssd-ipa.5.xml:770 msgid "Name of the attribute holding the name of the view." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:710 sssd-ldap-attributes.5.xml:496 +#: sssd-ipa.5.xml:774 sssd-ldap-attributes.5.xml:496 #: sssd-ldap-attributes.5.xml:832 sssd-ldap-attributes.5.xml:913 #: sssd-ldap-attributes.5.xml:1010 sssd-ldap-attributes.5.xml:1068 #: sssd-ldap-attributes.5.xml:1226 sssd-ldap-attributes.5.xml:1271 @@ -10320,128 +10410,128 @@ msgid "Default: cn" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:716 +#: sssd-ipa.5.xml:780 msgid "ipa_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:719 +#: sssd-ipa.5.xml:783 msgid "Objectclass of the override objects." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:722 +#: sssd-ipa.5.xml:786 msgid "Default: ipaOverrideAnchor" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:728 +#: sssd-ipa.5.xml:792 msgid "ipa_anchor_uuid (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:731 +#: sssd-ipa.5.xml:795 msgid "" "Name of the attribute containing the reference to the original object in a " "remote domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:735 +#: sssd-ipa.5.xml:799 msgid "Default: ipaAnchorUUID" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:741 +#: sssd-ipa.5.xml:805 msgid "ipa_user_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:744 +#: sssd-ipa.5.xml:808 msgid "" "Name of the objectclass for user overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:749 +#: sssd-ipa.5.xml:813 msgid "User overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:752 +#: sssd-ipa.5.xml:816 msgid "ldap_user_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:755 +#: sssd-ipa.5.xml:819 msgid "ldap_user_uid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:758 +#: sssd-ipa.5.xml:822 msgid "ldap_user_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:761 +#: sssd-ipa.5.xml:825 msgid "ldap_user_gecos" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:764 +#: sssd-ipa.5.xml:828 msgid "ldap_user_home_directory" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:767 +#: sssd-ipa.5.xml:831 msgid "ldap_user_shell" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:770 +#: sssd-ipa.5.xml:834 msgid "ldap_user_ssh_public_key" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:775 +#: sssd-ipa.5.xml:839 msgid "Default: ipaUserOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:781 +#: sssd-ipa.5.xml:845 msgid "ipa_group_override_object_class (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:784 +#: sssd-ipa.5.xml:848 msgid "" "Name of the objectclass for group overrides. It is used to determine if the " "found override object is related to a user or a group." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:789 +#: sssd-ipa.5.xml:853 msgid "Group overrides can contain attributes given by" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:792 +#: sssd-ipa.5.xml:856 msgid "ldap_group_name" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:795 +#: sssd-ipa.5.xml:859 msgid "ldap_group_gid_number" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:800 +#: sssd-ipa.5.xml:864 msgid "Default: ipaGroupOverride" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:684 +#: sssd-ipa.5.xml:748 msgid "" "SSSD can handle views and overrides which are offered by FreeIPA 4.1 and " "later version. Since all paths and objectclasses are fixed on the server " @@ -10451,19 +10541,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:812 +#: sssd-ipa.5.xml:876 msgid "SUBDOMAINS PROVIDER" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:814 +#: sssd-ipa.5.xml:878 msgid "" "The IPA subdomains provider behaves slightly differently if it is configured " "explicitly or implicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:818 +#: sssd-ipa.5.xml:882 msgid "" "If the option 'subdomains_provider = ipa' is found in the domain section of " "sssd.conf, the IPA subdomains provider is configured explicitly, and all " @@ -10471,7 +10561,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:824 +#: sssd-ipa.5.xml:888 msgid "" "If the option 'subdomains_provider' is not set in the domain section of sssd." "conf but there is the option 'id_provider = ipa', the IPA subdomains " @@ -10483,12 +10573,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ipa.5.xml:835 +#: sssd-ipa.5.xml:899 msgid "TRUSTED DOMAINS CONFIGURATION" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:843 +#: sssd-ipa.5.xml:907 #, no-wrap msgid "" "[domain/ipa.domain.com/ad.domain.com]\n" @@ -10496,7 +10586,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:837 +#: sssd-ipa.5.xml:901 msgid "" "Some configuration options can also be set for a trusted domain. A trusted " "domain configuration can be set using the trusted domain subsection as shown " @@ -10506,80 +10596,80 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:848 +#: sssd-ipa.5.xml:912 msgid "" "For more details, see the <citerefentry> <refentrytitle>sssd.conf</" "refentrytitle> <manvolnum>5</manvolnum> </citerefentry> manual page." msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:855 +#: sssd-ipa.5.xml:919 msgid "" "Different configuration options are tunable for a trusted domain depending " "on whether you are configuring SSSD on an IPA server or an IPA client." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:860 +#: sssd-ipa.5.xml:924 msgid "OPTIONS TUNABLE ON IPA MASTERS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:862 +#: sssd-ipa.5.xml:926 msgid "" "The following options can be set in a subdomain section on an IPA master:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:866 sssd-ipa.5.xml:896 +#: sssd-ipa.5.xml:930 sssd-ipa.5.xml:960 msgid "ad_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:869 +#: sssd-ipa.5.xml:933 msgid "ad_backup_server" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:872 sssd-ipa.5.xml:899 +#: sssd-ipa.5.xml:936 sssd-ipa.5.xml:963 msgid "ad_site" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:875 +#: sssd-ipa.5.xml:939 msgid "ldap_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:878 +#: sssd-ipa.5.xml:942 msgid "ldap_user_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd-ipa.5.xml:881 +#: sssd-ipa.5.xml:945 msgid "ldap_group_search_base" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd-ipa.5.xml:890 +#: sssd-ipa.5.xml:954 msgid "OPTIONS TUNABLE ON IPA CLIENTS" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:892 +#: sssd-ipa.5.xml:956 msgid "" "The following options can be set in a subdomain section on an IPA client:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:904 +#: sssd-ipa.5.xml:968 msgid "" "Note that if both options are set, only <quote>ad_server</quote> is " "evaluated." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd-ipa.5.xml:908 +#: sssd-ipa.5.xml:972 msgid "" "Since any request for a user or a group identity from a trusted domain " "triggered from an IPA client is resolved by the IPA server, the " @@ -10593,7 +10683,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ipa.5.xml:932 +#: sssd-ipa.5.xml:996 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -10601,7 +10691,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ipa.5.xml:939 +#: sssd-ipa.5.xml:1003 #, no-wrap msgid "" "[domain/example.com]\n" @@ -11727,6 +11817,11 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ad.5.xml:1136 +msgid "This option is deprecated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ad.5.xml:1139 msgid "" "If this option is set to <quote>true</quote> SSSD will not filter out Domain " "Local groups from remote domains in the AD forest. By default they are " @@ -11737,7 +11832,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1146 +#: sssd-ad.5.xml:1149 msgid "" "Please note that setting this option to <quote>true</quote> will be against " "the intention of Domain Local group in Active Directory and <emphasis>SHOULD " @@ -11752,7 +11847,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1162 +#: sssd-ad.5.xml:1165 msgid "" "Given the comments above, if this option is set to <quote>true</quote> the " "tokenGroups request must be disabled by setting <quote>ldap_use_tokengroups</" @@ -11764,7 +11859,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1185 +#: sssd-ad.5.xml:1188 msgid "" "Optional. This option tells SSSD to automatically update the Active " "Directory DNS server with the IP address of this client. The update is " @@ -11775,19 +11870,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1215 +#: sssd-ad.5.xml:1218 msgid "Default: 3600 (seconds)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1231 +#: sssd-ad.5.xml:1234 msgid "" "Default: Use the IP addresses of the interface which is used for AD LDAP " "connection" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:1244 +#: sssd-ad.5.xml:1247 msgid "" "How often should the back end perform periodic DNS update in addition to the " "automatic update performed when the back end goes online. This option is " @@ -11797,7 +11892,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1394 +#: sssd-ad.5.xml:1461 msgid "" "The following example assumes that SSSD is correctly configured and example." "com is one of the domains in the <replaceable>[sssd]</replaceable> section. " @@ -11805,7 +11900,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1401 +#: sssd-ad.5.xml:1468 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -11820,7 +11915,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:1421 +#: sssd-ad.5.xml:1488 #, no-wrap msgid "" "access_provider = ldap\n" @@ -11829,7 +11924,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1417 +#: sssd-ad.5.xml:1484 msgid "" "The AD access control provider checks if the account is expired. It has the " "same effect as the following configuration of the LDAP provider: " @@ -11837,7 +11932,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1427 +#: sssd-ad.5.xml:1494 msgid "" "However, unless the <quote>ad</quote> access control provider is explicitly " "configured, the default access provider is <quote>permit</quote>. Please " @@ -11847,7 +11942,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:1435 +#: sssd-ad.5.xml:1502 msgid "" "When the autofs provider is set to <quote>ad</quote>, the RFC2307 schema " "attribute mapping (nisMap, nisObject, ...) is used, because these attributes " @@ -17408,7 +17503,7 @@ msgstr "" #: include/ldap_id_mapping.xml:67 msgid "" "The SSSD ID-mapping algorithm takes a range of available UIDs and divides it " -"into equally-sized component sections - called \"slices\"-. Each slice " +"into equally-sized component sections - called \"slices\". Each slice " "represents the space available to an Active Directory domain." msgstr "" @@ -17553,7 +17648,7 @@ msgid "" "For example, if your most recently-added Active Directory user has " "objectSid=S-1-5-21-2153326666-2176343378-3404031434-1107, " "<quote>ldap_idmap_range_size</quote> must be at least 1108 as range size is " -"equal to maximal SID minus minimal SID plus one (e.g. 1108 = 1107 - 0 + 1)." +"equal to maximal RID minus minimal RID plus one (e.g. 1108 = 1107 - 0 + 1)." msgstr "" #. type: Content of: <refsect1><refsect2><refsect3><variablelist><varlistentry><listitem><para>